Full Disclosure mailing list archives
Re: DCOM RPC exploit (dcom.c)
From: Valdis.Kletnieks () vt edu
Date: Sun, 27 Jul 2003 11:38:20 -0400
On Sun, 27 Jul 2003 00:41:22 PDT, Nathan Seven said:
Running MSSQL server on my laptop that I also use to VPN in is IMO a pretty fucking corner-case...
On the other hand, if you're a big financial company with 50K warm bodies on the payroll, there's a good chance you have 1 or 2 developers that often VPN in, and who have installed MSSQL so they can test&develop locally rather than against a remote database. And it only takes 1..... It may be a corner case, but based on the number of sites that got nailed by Slammer even though they had a firewall, it's a pretty common corner case....
Attachment:
_bin
Description:
Current thread:
- Re: DCOM RPC exploit (dcom.c), (continued)
- Re: DCOM RPC exploit (dcom.c) Chris Paget (Jul 26)
- Re: DCOM RPC exploit (dcom.c) morning_wood (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Shanphen Dawa (Jul 26)
- Re: DCOM RPC exploit (dcom.c) morning_wood (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Ron DuFresne (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Ron DuFresne (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Nathan Seven (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 27)
- Re: DCOM RPC exploit (dcom.c) KF (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 26)
- Re: DCOM RPC exploit (dcom.c) manohar singh (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Etaoin Shrdlu (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Jean-Baptiste Marchand (Jul 29)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 29)
- Re: DCOM RPC exploit (dcom.c) gregh (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 26)
- RE : DCOM RPC exploit (dcom.c) Nicolas Villatte (Jul 27)