Full Disclosure mailing list archives
Re: MS03-039 has been released - critical
From: "Kurt Seifried" <listuser () seifried org>
Date: Wed, 10 Sep 2003 17:53:04 -0600
According to ISS, http://xforce.iss.net/xforce/alerts/id/152, they claim that functional exploit code is already in use on the Internet.
This is for the DoS attack / privilege escalation requiring an account. Nothing to serious (compared to the remote holes). Can't be used remotely as far as is known (although if anyone knows otherwise please pipe up). It's almost exactly 3 weeks old (exploit released publicly) at this point, a bit late to start worrying. Kurt Seifried, kurt () seifried org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: MS03-039 has been released - critical, (continued)
- RE: MS03-039 has been released - critical Robert Ahnemann (Sep 10)
- RE: MS03-039 has been released - critical Anthony Aykut (Sep 10)
- Re: MS03-039 has been released - critical Exibar (Sep 10)
- RE: MS03-039 has been released - critical pdt (Sep 10)
- RE: MS03-039 has been released - critical Schmehl, Paul L (Sep 10)
- RE: MS03-039 has been released - critical Caggy, James (Sep 10)
- RE: MS03-039 has been released - critical Jeffrey . Stebelton (Sep 10)
- RE: MS03-039 has been released - critical Jones, David H (Sep 10)
- RE: MS03-039 has been released - critical Bobby, Paul (Sep 10)
- RE: MS03-039 DoS Exploit Elv1S (Sep 10)
- Re: MS03-039 has been released - critical Kurt Seifried (Sep 10)
- RE: MS03-039 has been released - critical LaRose, Dallas (Sep 10)
- RE: MS03-039 has been released - critical Bergeron, Jared (Sep 10)
- Re[2]: MS03-039 has been released - critical waces (Sep 10)
- RE: Re[2]: MS03-039 has been released - critical Derek Soeder (Sep 11)
- Re[4]: MS03-039 has been released - critical waces (Sep 11)
- Re[2]: MS03-039 has been released - critical waces (Sep 10)
- RE: MS03-039 has been released - critical Robert Ahnemann (Sep 10)
- RE: MS03-039 has been released - critical Ryan, Pete (Sep 10)
- RE: MS03-039 has been released - critical Ryan, Pete (Sep 10)
- RE: MS03-039 has been released - critical Steven M. Christey (Sep 10)