ISS X-Force Utility: MS03-026 RPC DCOM Assessment Tool

From: X-Force (xforce_at_iss.net)
Date: 07/29/03


To: alert@iss.net
Date: Tue, 29 Jul 2003 10:50:42 -0400 (EDT)


-----BEGIN PGP SIGNED MESSAGE-----

ISS X-Force has developed a tool to scan any specified IP range for
systems vulnerable to the MS03-26 RPC vulnerability. The scanner
is non-invasive. It does not need domain credentials to check for the
patch, nor does it actually fire the exploit. The scanner uses two
techniques to fingerprint the vulnerability based on behaviors that the
MS03-026 patch has altered. The scanner also includes a primitive
OS-ident feature.

We feel that this tool may prove to be more accurate that other free
scanners that have been made available. For more information, please
visit:

http://www.iss.net/support/product_utilities/ms03-026rpc.php

X-Force released a Security Alert on this vulnerability on July 16th.
ISS customers should refer to the Alert for the most recent product-
related information:

http://xforce.iss.net/xforce/alerts/id/147

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBPyaJhjRfJiV99eG9AQFXcQP9H6McC+vBI44l8Vh2E7aHzNH3bBDqaTGk
Cvpsx+bIppJPBE5+FUydqBrTaTT38ua/GDEew6MYrviTDfCJ6uEpPXWwmLAFvNAZ
jaB5r1K3ELIR5wMWMzcz5gatPO8X5pw4qLRk9A1vtGfaQBu0zbiC/La/6AFeGkjD
2pNkTim6jkY=
=O+D5
-----END PGP SIGNATURE-----