Full Disclosure mailing list archives

RE: EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II

From: "Chris DeVoney" <cdevoney () u washington edu>
Date: Wed, 10 Sep 2003 15:36:10 -0700

On Wednesday, September 10, 2003 1:26 PM, Jeff.Urnaza () averydennison com
wrote:

The version number in eEye's supposed *new* scanner is the 
same version number  as the one they release for the previous 
RPC exploit, v1.0.4.


Pardon my interuption, but the version I downloaded about noon-ish PDT has
version 1.1.0 in both its Help-About and its file properties. It does report
vulnerabilities to MS03-026 and -039.


cdv

------------------------
Chris DeVoney
Clinical Research Center Informatics
University of Washington
cdevoney () u washington edu
206-598-6816 
------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II Marc Maiffret (Sep 10)
- <Possible follow-ups>
- Re: EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II Jeff . Urnaza (Sep 10)
  - RE: EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II Chris DeVoney (Sep 10)
    - MS03-039 - Exploit ... Elv1S (Sep 10)
    - MS03-039 - Exploit ... Elv1S (Sep 10)
  - RE: EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II Marc Maiffret (Sep 10)
- RE: EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II Jeff . Urnaza (Sep 10)