Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator?

From: Patrick Brauch <pab () heisec de>
Date: Thu, 9 Oct 2003 23:22:50 +0200 (CEST)
On Thu, 9 Oct 2003, opticfiber wrote:


It's come to my attetion that disablinf DCOM in windows is near
impossible without a regedit.


That's usually not what you want anyways. There are ways to disable
RPC/DCOM completely, but systems might not run as they should anymore. the
list of incompatibilities is long and not worth discussing; if you use
windows server as a productive system (i.e. running webserver or alike)
you generally can't just "deactivate" DCOM to be fine -- it just won't
work.

Anyways, while being here, did anyone succeed in proofing that the k-otik
exploit a) compiles and b) really works universal?

cheers,
-- 
Patrick Brauch                            <pab () heisec de>
heise security                       http://www.heisec.de
c't Magazin fuer Computertechnik   http://www.heise.de/ct
PGP-Fingerprint: 8366 03AC D702 F2BB  C617 E6BC 1811 950E

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: