Full Disclosure mailing list archives

RE: MS03-039 has been released - critical

From: "LaRose, Dallas" <Dallas_LaRose () s2systems com>
Date: Wed, 10 Sep 2003 15:40:44 -0500

Paul Schmehl (pauls () utdallas edu) Wrote:

I downloaded the MS scanner today and ran it against one 24.  It reports
the computers as "patched with KB823980", so it doesn't look like it's
testing for the new stuff yet.


The results of the scan are a bit misleading.  What you have to look for is
the line with:

  Patched with KB824146 and KB823980 .... 0



Here is a sample output of a _patched_ installation:

Microsoft (R) KB824146 Scanner Version 1.00.0249 for 80x86
Copyright (c) Microsoft Corporation 2003. All rights reserved.

<+> Starting scan (timeout = 5000 ms)

Checking x.x.x.100
x.x.x.100: patched with KB824146 and KB823980

<-> Scan completed

Statistics:

  Patched with KB824146 and KB823980 .... 1
  Patched with KB823980 ................. 0
  Unpatched ............................. 0
  TOTAL HOSTS SCANNED ................... 1

  DCOM Disabled ......................... 0
  Needs Investigation ................... 0
  Connection refused .................... 0
  Host unreachable ...................... 0
  Other Errors .......................... 0
  TOTAL HOSTS SKIPPED ................... 0

  TOTAL ADDRESSES SCANNED ............... 1


Here is the sample output of an _unpatched_ installation:

Microsoft (R) KB824146 Scanner Version 1.00.0249 for 80x86
Copyright (c) Microsoft Corporation 2003. All rights reserved.

<+> Starting scan (timeout = 5000 ms)

Checking x.x.x.4
x.x.x.4: patched with KB823980

<-> Scan completed

Statistics:

  Patched with KB824146 and KB823980 .... 0
  Patched with KB823980 ................. 1
  Unpatched ............................. 0
  TOTAL HOSTS SCANNED ................... 1

  DCOM Disabled ......................... 0
  Needs Investigation ................... 0
  Connection refused .................... 0
  Host unreachable ...................... 0
  Other Errors .......................... 0
  TOTAL HOSTS SKIPPED ................... 0

  TOTAL ADDRESSES SCANNED ............... 1

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: MS03-039 has been released - critical, (continued)
- - RE: MS03-039 has been released - critical Anthony Aykut (Sep 10)
  - Re: MS03-039 has been released - critical Exibar (Sep 10)
- RE: MS03-039 has been released - critical pdt (Sep 10)
- RE: MS03-039 has been released - critical Schmehl, Paul L (Sep 10)
- RE: MS03-039 has been released - critical Caggy, James (Sep 10)
- RE: MS03-039 has been released - critical Jeffrey . Stebelton (Sep 10)
- RE: MS03-039 has been released - critical Jones, David H (Sep 10)
- RE: MS03-039 has been released - critical Bobby, Paul (Sep 10)
  - RE: MS03-039 DoS Exploit Elv1S (Sep 10)
  - Re: MS03-039 has been released - critical Kurt Seifried (Sep 10)
- RE: MS03-039 has been released - critical LaRose, Dallas (Sep 10)
- RE: MS03-039 has been released - critical Bergeron, Jared (Sep 10)
  - Re[2]: MS03-039 has been released - critical waces (Sep 10)
    - RE: Re[2]: MS03-039 has been released - critical Derek Soeder (Sep 11)
    - Re[4]: MS03-039 has been released - critical waces (Sep 11)
- RE: MS03-039 has been released - critical Ryan, Pete (Sep 10)
- RE: MS03-039 has been released - critical Ryan, Pete (Sep 10)
- RE: MS03-039 has been released - critical Steven M. Christey (Sep 10)