Re: Re: [Full-Disclosure] DCOM RPC exploit (dcom.c)
From: Jennifer Bradley (jenbradley_at_webmail.co.za)
Date: 07/27/03
To: full-disclosure@lists.netsys.com
Date: Sun, 27 Jul 2003 18:40:09 +0200
I don't think you were reading the advisories properly... ;)
MSDE (Microsoft SQL Server Desktop Edition) was vulnerable, which many
products use, including Office, Visual Studio .NET, etc. Just to
refresh your memory, here's a list of products that contain MSDE:
http://www.sqlsecurity.com/forum/applicationslistgridall.aspx
So, it is not a corner-case at all, not even in the slightest bit.
VPNs are common enough these days, so the chances of someone VPNing
into a network with an infected or infectable computer are actually
pretty high.
In the same vein, it looks like if a worm is released, it will most
probably be easily transferable into any corporate domain that has
VPNs as well, since every un-patched Windows is vulnerable.
jb
On Sun, 27 Jul 2003 00:41:22 -0700 (PDT) Nathan Seven
(scosol@yahoo.com) wrote:
>--- Paul Schmehl <pauls@utdallas.edu> wrote:
>>
>> Are you really serious? Recall Slammer? There were
>> networks that were
>> locked down pretty tight. Slammer couldn't get in,
>> right? Then one
>> developer who got his unpatched copy of SQL inside
>> the network, by
>> logging in through VPN with his infected laptop,
>> took the entire network
>> down.
>
>Are *you* serious?
>
>Running MSSQL server on my laptop that I also use to
>VPN in is IMO a pretty fucking corner-case...
>
>=====
>--
>live- http://www.thedenofsin.org/
>to- AIM: IMFDUP
>penetrate- http://eAnger.org/
>_may the bitches set you free_
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html