Full Disclosure mailing list archives
RE: Immunity's paper?
From: "Jerry Heidtke" <jheidtke () fmlh edu>
Date: Mon, 15 Sep 2003 10:25:19 -0500
See http://www.immunitysec.com/papers/msrpcheap.pdf and http://www.immunitysec.com/papers/msrpcheap2.pdf. Exploit code for one of the vulnerabilities in RPCSS is "in the wild". No indications of a worm being released yet, but it's only a matter of time. If we had a pool going, I'd pick that square for tomorrow (9/16). Jerry -----Original Message----- From: Exibar [mailto:exibar () thelair com] Sent: Monday, September 15, 2003 9:18 AM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Immunity's paper? Does anyone have this paper that the quoted Microsoft PSS advisory mentions or a link to it? I'd love to give it a read... thanks all! Exibar The PSS Security team is issuing this alert to advise customers that on Saturday 9/13/03 a research company called Immunity published a paper providing guidance on how to exploit the vulnerabilities patched by Microsoft Security Bulletin MS03-039. To date we've had no reports of actual exploit code being publicly available or being used actively in a worm or virus. Customers that have applied the patch as advised in Microsoft Security Bulletin MS03-039 are protected from exploit code developed using the guidance provided in this paper. Customers who have not deployed the patch or taken additional mitigating actions to protect their environment should be aware that the existence of sample code does make it easier for an active exploit to be developed. We are therefore strongly urging customers to immediately deploy the patch in their environments and take additional mitigation steps, as described in the bulletin, to protect themselves. Information on Microsoft Security Bulletin MS03-039 and its associated patch, mitigating factors and workarounds can be found here: http://www.microsoft.com/technet/security/bulletin/ms03-039.asp PSS Security Team _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Immunity's paper? Jerry Heidtke (Sep 15)
- Re: Immunity's paper? Exibar (Sep 15)
- <Possible follow-ups>
- RE: Immunity's paper? Jerry Heidtke (Sep 15)