nanog mailing list archives
Re: Windows DCOM exploit (was Re: What you don't want to hear from a peer)
From: George Bakos <gbakos () ists dartmouth edu>
Date: Fri, 25 Jul 2003 16:01:16 -0400
HD Moore released one today that returns a Local System shell on port 4444. I've run it in the lab and, as expected of all HD code, works consistantly. g On Fri, 25 Jul 2003 15:56:57 -0400 "Ingevaldson, Dan (ISS Atlanta)" <dsi () iss net> wrote:
George- Which exploit are you referring to? There are several floating around. Many of them are misrepresented as MS03-026 exploits. There was another vulnerability disclosed that only causes a DoS condition--no remote compromise. Regards, =============================== Daniel Ingevaldson Engineering Manager, X-Force R&D dsi () iss net 404-236-3160 Internet Security Systems, Inc. The Power to Protect http://www.iss.net =============================== -----Original Message----- From: George Bakos [mailto:gbakos () ists dartmouth edu] Sent: Friday, July 25, 2003 3:47 PM Cc: jtk () depaul edu; nanog () merit edu Subject: Windows DCOM exploit (was Re: What you don't want to hear from a peer) On Fri, 25 Jul 2003 14:29:13 -0500 John Kristoff <jtk () depaul edu> wrote:Maybe it'll help start the weekend with a smile.Smile for now; it probably won't last. The Windows DCOM exploit that was released today, works perfectly. BTW, how many residential networks (worm fodder) really need port 135/tcp open, anyway? And I thought I would have time to split some cordwood today. Rats.
George Bakos Institute for Security Technology Studies - IRIA Dartmouth College gbakos () ists dartmouth edu 603.646.0665 -voice 603.646.0666 -fax
Current thread:
- Re: Windows DCOM exploit (was Re: What you don't want to hear from a peer) George Bakos (Jul 25)