Full Disclosure mailing list archives
RE: Re: Bad news on RPC DCOM vulnerability
From: Byron Copeland <nodialtone () comcast net>
Date: 10 Oct 2003 21:14:25 -0400
If this is at all really a new version of the rpc exploit that presents the attacker with the holy grail, then it is probably as bad as others have suggested. I haven't tested yet. But one thing I'd do is go through all of my windows systems and turned the RPC service off. Patching is one thing, but if you don't need the service, turn it off. On Out! On Fri, 2003-10-10 at 20:05, Bobby Brown wrote:
So I can "assume" no other information is posted, other than this site, to collaborate the RPC issue is not resolved or should we all try to translate this site using the helpful hints, which they are? BB -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of petard Sent: Friday, October 10, 2003 4:40 PM To: Brown, Bobby (US - Hermitage) Cc: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Re: Bad news on RPC DCOM vulnerability On Fri, Oct 10, 2003 at 03:34:04PM -0400, Brown, Bobby (US - Hermitage) wrote:For us that can not interpret the site, what more information can be provided. BobbyFYI, the site is in Russian. Here are the steps for enlightening yourself: 1. Visit your favorite search engine. 2. Type the words "online translator russian" (without quotation marks) into the query field. 3. Visit one of the many free or paid translating services that are listed there. 4. Select your preferred language (English, I'd wager), enter the URL, and let the translator go to work. 5. Read the slightly stilted but informative result. FWIW, entering that query into google and clicking "I'm feeling lucky" gives good results. Good luck. HTH, petard -- If your message really might be confidential, download my PGP key here: http://petard.freeshell.org/petard.asc and encrypt it. Otherwise, save bandwidth and lose the disclaimer. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Bad news on RPC DCOM vulnerability 3APA3A (Oct 10)
- Re: Bad news on RPC DCOM vulnerability Alex (Oct 10)
- Re : [VERY] BAD news on RPC DCOM Exploit Stephen (Oct 10)
- <Possible follow-ups>
- Re: Bad news on RPC DCOM vulnerability Adrian_Stone (Oct 10)
- RE: Re: Bad news on RPC DCOM vulnerability Brown, Bobby (US - Hermitage) (Oct 10)
- RE: Re: Bad news on RPC DCOM vulnerability Macroscape Solutions (Oct 10)
- Re: Re: Bad news on RPC DCOM vulnerability petard (Oct 10)
- RE: Re: Bad news on RPC DCOM vulnerability Bobby Brown (Oct 10)
- RE: Re: Bad news on RPC DCOM vulnerability V.O. (Oct 10)
- RE: Re: Bad news on RPC DCOM vulnerability Byron Copeland (Oct 10)
- Re: Re: Bad news on RPC DCOM vulnerability petard (Oct 10)
- Re: Bad news on RPC DCOM2 vulnerability Peter King (Oct 11)
- AW: Bad news on RPC DCOM2 vulnerability Florian Keller (Oct 11)
- Re: Bad news on RPC DCOM2 vulnerability Alex (Oct 11)
- AW: Bad news on RPC DCOM2 vulnerability Florian Keller (Oct 11)
- Re: Bad news on RPC DCOM2 vulnerability Valdis . Kletnieks (Oct 11)
- Re: Bad news on RPC DCOM vulnerability Alex (Oct 10)
- Re: Re: Bad news on RPC DCOM vulnerability V.O. (Oct 10)