Full Disclosure mailing list archives
RE: [inbox] Re: MS RPC remote exploit.
From: "Curt Purdy" <purdy () tecman com>
Date: Thu, 9 Oct 2003 13:46:21 -0500
--- Sudharsha Wijesinghe <sudharsha () digitalhouse lk> wrote:According to MS there cant be any Remote exploit on MS RPC except for a DOS attack using 139/135/445. How ever the code is available for a shell code. has any one tried this exploit?no remote exploit ? http://www.k-otik.com/exploits/10.09.rpc2universal.c.php http://www.k-otik.com/exploits/09.20.rpcdcom2ver1.1.c.php http://lists.netsys.com/pipermail/full-disclosure/2003-Septemb
er/009848.html What about dcom.exe that hit the streets before MS even released the first 032 patch. With it, you could own a box in 2 minutes. I can only imagine how many thousands of bots were deployed before blaster hit, as the kiddies were hitting their keyboards just as fast as their little fingers could type. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MS RPC remote exploit. Sudharsha Wijesinghe (Oct 09)
- Re: MS RPC remote exploit. Patrick Brauch (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? opticfiber (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Russell Fulton (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Vladimir Parkhaev (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Patrick Brauch (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? opticfiber (Oct 09)
- Re: MS RPC remote exploit. Kilian CAVALOTTI (Oct 09)
- RE: MS RPC remote exploit. Nathan (Oct 09)
- Re: MS RPC remote exploit. Stephen (Oct 09)
- RE: [inbox] Re: MS RPC remote exploit. Curt Purdy (Oct 09)
- SV: MS RPC remote exploit. Peter Kruse (Oct 09)
- Re: SV: MS RPC remote exploit. Telefónica Deutschland (Oct 09)
- <Possible follow-ups>
- RE: MS RPC remote exploit. Trey Mujakporue/UK/Tesco (Oct 10)
- Re: MS RPC remote exploit. Patrick Brauch (Oct 09)