Re: [Full-disclosure] NT4 worm
- From: H D Moore <fdlist@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 30 Aug 2006 14:29:57 -0500
The exploit for NT 4.0 is *exactly* the same packet as the one you would
also use on Windows 2000. I am suprised that this is considered a "NT 4"
worm and not a "Windows 2000 (+NT 4.0)" worm. Is something specific about
the exploit they use that prevents it from working on Windows 2000?
-HD
On Wednesday 30 August 2006 10:11, Juha-Matti Laurio wrote:
Are the machines you have experience especially NT4.0 machines?
It appears that one of the PoC's (public on Monday 28th Aug) lists the
following information: "Systems Affected:
* Microsoft Windows 2000 SP0-SP4
* Microsoft Windows XP SP0-SP1
* Microsoft Windows NT 4.0"
but reportedly it is tested against XPSP1 and W2KSP4 systems.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- Re: [Full-disclosure] NT4 worm
- From: Juha-Matti Laurio
- Re: [Full-disclosure] NT4 worm
- Prev by Date: Re: [Full-disclosure] The current state of play
- Next by Date: [Full-disclosure] php poc exploit for osCommerce <= 2.2 Milestone 2 060817 vuln found by gulftech
- Previous by thread: RE: [Full-disclosure] NT4 worm
- Next by thread: Re: [Full-disclosure] NT4 worm
- Index(es):
Relevant Pages
|
