Full Disclosure mailing list archives
Re: Re: DCOM RPC exploit (dcom.c)
From: "Jennifer Bradley" <jenbradley () webmail co za>
Date: Sun, 27 Jul 2003 18:40:09 +0200
I don't think you were reading the advisories properly... ;)

MSDE (Microsoft SQL Server Desktop Edition) was vulnerable, which many products use, including Office, Visual Studio .NET, etc. Just to refresh your memory, here's a list of products that contain MSDE:
http://www.sqlsecurity.com/forum/applicationslistgridall.aspx

So, it is not a corner-case at all, not even in the slightest bit. VPNs are common enough these days, so the chances of someone VPNing into a network with an infected or infectable computer are actually pretty high.

In the same vein, it looks like if a worm is released, it will most probably be easily transferable into any corporate domain that has VPNs as well, since every un-patched Windows is vulnerable.

jb

On Sun, 27 Jul 2003 00:41:22 -0700 (PDT) Nathan Seven (scosol () yahoo com) wrote:

> --- Paul Schmehl <pauls () utdallas edu> wrote:
>> Are you really serious? Recall Slammer? There were networks that were locked down pretty tight. Slammer couldn't get in, right? Then one developer who got his unpatched copy of SQL inside the network, by logging in through VPN with his infected laptop, took the entire network down.
>
> Are *you* serious? Running MSSQL server on my laptop that I also use to VPN in is IMO a pretty fucking corner-case...
>
> =====
> --
> live- http://www.thedenofsin.org/
> to- AIM: IMFDUP
> penetrate- http://eAnger.org/
> _may the bitches set you free_
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html