Full Disclosure mailing list archives
RE: MS03-039 has been released - critical
From: "Steven M. Christey" <coley () mitre org>
Date: Wed, 10 Sep 2003 20:11:05 -0400 (EDT)
According to ISS, http://xforce.iss.net/xforce/alerts/id/152, they claim that functional exploit code is already in use on the Internet.
I don't think the advisory claims that. The "functional exploit code" they describe is for the null-pointer Denial of Service vulnerability that was reported by Xfocus in July, which does appear to be in active use (the CVE ID is CAN-2003-0605). That null-pointer bug was not fixed by the "old" Microsoft bulletin (MS03-026), but it is fixed in the new bulletin (MS03-039). The ISS advisory only says that there is "significant potential" for a worm that takes advantage of the new vulnerabilities.
anyone know of a 'sploit for this one yet? Or even proof of concept code?
Note: there are 2 distinct overflows, as reported by Microsoft. A Nessus plugin has been developed for one of the new overflows, as posted to this list. Whether it is the same overflow as the one described by eEye, I'm not sure (someone who knows DCOM at the packet level might be able to tell, though). Whether the overflow found by NSFOCUS is the same as the overflow found by eEye, I'm not sure (NSFOCUS has not published their advisory yet, and the Microsoft bulletin is unclear as to which researchers found which overflows). - Steve _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: MS03-039 has been released - critical, (continued)
- RE: MS03-039 has been released - critical Bobby, Paul (Sep 10)
- RE: MS03-039 DoS Exploit Elv1S (Sep 10)
- Re: MS03-039 has been released - critical Kurt Seifried (Sep 10)
- RE: MS03-039 has been released - critical LaRose, Dallas (Sep 10)
- RE: MS03-039 has been released - critical Bergeron, Jared (Sep 10)
- Re[2]: MS03-039 has been released - critical waces (Sep 10)
- RE: Re[2]: MS03-039 has been released - critical Derek Soeder (Sep 11)
- Re[4]: MS03-039 has been released - critical waces (Sep 11)
- Re[2]: MS03-039 has been released - critical waces (Sep 10)
- RE: MS03-039 has been released - critical Bobby, Paul (Sep 10)
- RE: MS03-039 has been released - critical Ryan, Pete (Sep 10)
- RE: MS03-039 has been released - critical Ryan, Pete (Sep 10)
- RE: MS03-039 has been released - critical Steven M. Christey (Sep 10)