Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MS03-039 has been released - critical

From: "Kurt Seifried" <listuser () seifried org>
Date: Wed, 10 Sep 2003 17:53:04 -0600
According to ISS, http://xforce.iss.net/xforce/alerts/id/152, they claim
that functional exploit code is already in use on the Internet.


This is for the DoS attack / privilege escalation requiring an account.
Nothing to serious (compared to the remote holes). Can't be used remotely as
far as is known (although if anyone knows otherwise please pipe up).

It's almost exactly 3 weeks old (exploit released publicly) at this point, a
bit late to start worrying.

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: