Full Disclosure mailing list archives

Re: unix based network scanner for 2nd MS DCOM DCE RPC vulnerability

From: Jeremiah Cornelius <jeremiah () nur net>
Date: Thu, 11 Sep 2003 13:06:30 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 11 September 2003 12:20, Doke wrote:

    I've written a unix (Linux and Solaris) network scanner for the second
MS DCOM DCE RPC vulnerability, MS03-039.  It can differentiate between
unpatched for either dcom hole, patched for first, and patched for second.
It has a normal mode for checking one ip, a subnet mode, and a quiet mode
for use in scripts or CGIs.  The source code is available at:

http://udel.edu/~doke/dcom2/

    Suggestions and constructive criticism are invited.

                                          Cheers,
                                          Doke


Nice, Doke!

The only thing I can say is that it would be nice to document this, other than 
a trip through your source.

Could you post a README with your experience, methods, source material etc.  
This would be a big help!

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/YNXaJi2cv3XsiSARAu58AKDV6WNY+liEz236cx6KqOggNBauQgCgihuO
ISBwUK2FNq48S4qrjszRO9c=
=I3Sd
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

unix based network scanner for 2nd MS DCOM DCE RPC vulnerability Doke (Sep 11)
- Re: unix based network scanner for 2nd MS DCOM DCE RPC vulnerability Jeremiah Cornelius (Sep 11)