Full Disclosure mailing list archives
Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127
From: Tomokazu Suzuki <tomokazu444 () hotmail com>
Date: Fri, 23 Apr 2004 18:27:22 +0900
Joe Stewart wrote:
Scans port 135 for MS03-039 "DCOM2" vulnerability Scans port 139 for MS03-049 Workstation vulnerability Scans port 1433 for weak MSSQL administrator passwords Scans port 2082 for CPanel vulnerability (OSVDB ID: 4205) Scans port 2745 for backdoor left by the Bagle Virus Scans port 3127 for MyDoom.A backdoor Scans port 5000 for MS01-059 UPnP vulnerability Scans port 6129 for Dameware vulnerability (OSVDB ID: 3042) Scans port 80 for MS03-007 WebDav vulnerability Scans ports 135, 445 and 1025 for MS03-032 vulnerability Scans ports 139 and 445 for weak Netbios passwords
Could it exploit MS03-032 vulnerability via 135, 445 and 1025 ? The vulnerability exists in IE. -- Tom _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127 Honza Vlach (Apr 22)
- <Possible follow-ups>
- Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127 Tomokazu Suzuki (Apr 23)
- Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127 Joe Stewart (Apr 23)
- Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127 Willem Koenings (Apr 23)
- Re:Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127 Ian Latter (Apr 23)