ms04_031_netdde

[jerome.athias at free.fr (Jerome Athias)]

Please find this sentence in the description field of the exploit module
"Despite Microsoft's claim that this vulnerability can be exploited 
without authentication, the NDDEAPI pipe is only accessible after 
successful authentication."

Alexander Sotirov a ?crit :
> In MS04-031 Microsoft says:
>
> "After the NetDDE services are started, any anonymous user who could deliver a
> specially crafted message to the affected system could attempt to remotely
> exploit this vulnerability"
>
> This seems to imply that no authentication is necessary, but the exploit doesn't
> work with an anonymous connection. When I run ms04_031_netdde I get:
>
> Exploit failed: The server responded with error: STATUS_ACCESS_DENIED
>
> If I set SMBUSER and SMBPASS, the exploit works, but these two options are not
> listed in the exploit info message. Are they really needed, or is there
> something I am missing?
>
>
> Thanks,
> Alex
>
>
>