RE: [Full-Disclosure] LSASS exploit win32 binary
From: Stuart Fox (DSL AK) (StuartF_at_datacom.co.nz)
Date: 04/30/04
- Previous message: Richard Johnson: "Re: [Full-Disclosure] H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security)"
- Maybe in reply to: Q.Long_at_city.ac.uk: "[Full-Disclosure] LSASS exploit win32 binary"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Chris Scott <cscott@fluidsmgmt.com>, full-disclosure@lists.netsys.com Date: Fri, 30 Apr 2004 15:53:02 +1200
For those servers that break when you apply MS04-011, there's a KB article
that describes what to do to work around it.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;841382
> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
> Chris Scott
> Sent: Thursday, 29 April 2004 4:22 p.m.
> To: bosborne@caltex.com.au; full-disclosure@lists.netsys.com
> Subject: RE: [Full-Disclosure] LSASS exploit win32 binary
>
> Does anyone have snort sigs or any means of defending against
> the worms that are exploiting this? Several acquaintances of
> mine which work for edu's are reporting their networks being
> affected by this in a big way. They have 2k machines which
> apparently broke when applied with the MS04-011 patch.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Richard Johnson: "Re: [Full-Disclosure] H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security)"
- Maybe in reply to: Q.Long_at_city.ac.uk: "[Full-Disclosure] LSASS exploit win32 binary"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
