Full Disclosure mailing list archives

RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)

From: Joey <joey2cool () yahoo com>
Date: Wed, 13 Aug 2003 12:55:38 -0700 (PDT)

svchost.exe listens on several ports on windows xp.
If microsoft is saying that it should never be on the
internet, couldn't there be more b0f's discovered in
the future? One peculiar service "DNS Client",
although listening on a few random ports just about
1024, also runs off of svchost.exe.

--- Nick FitzGerald <nick () virus-l demon co uk> wrote:

They cannot do _any business whatsoever_ if they
cannot expose a  pile 
of crap like MS RPC to the Internet?  Code that MS
now openly admits 
should never be exposed to "hostile environments"? 
Who was responsible 
for such horrendous mis-design?


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd), (continued)
- - Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Chris Garrett (Aug 12)
    - Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Andrew Simmons (Aug 12)
  - Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) gregh (Aug 13)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Richard Stevens (Aug 12)
  - Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Lan Guy (Aug 12)
  - Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Jonathan Rickman (Aug 12)
    - RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Dennis Heaton (Aug 12)
    - RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Gordon Ewasiuk (Aug 12)
    - Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Jeremiah Cornelius (Aug 13)
    - RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Nick FitzGerald (Aug 13)
    - RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Joey (Aug 13)
    - RE: ISS Security Brief: 'MS Blast' MSRPC DCOM Worm Propagation (fwd) Daniele Muscetta (Aug 14)
    - RE: ISS Security Brief: 'MS Blast' MSRPC DCOM Worm Propagation (fwd) Joey (Aug 14)
    - RE: ISS Security Brief: 'MS Blast' MSRPC DCOM Worm Propagation (fwd) Daniele Muscetta (Aug 14)
    - Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) morning_wood (Aug 12)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Evans, Arian (Aug 12)
  - Blaster: will it spread without tftp? Maarten (Aug 12)
    - Re: Blaster: will it spread without tftp? Craig Pratt (Aug 12)
    - Re: Blaster: will it spread without tftp? Maarten Hartsuijker (Aug 12)
    - Re: Blaster: will it spread without tftp? Jim Clausing (Aug 12)
    - Re: Blaster: will it spread without tftp? Matthew Murphy (Aug 12)

(Thread continues...)