Re: [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3
From: Kurt Seifried (listuser@SEIFRIED.ORG)Date: 10/21/02
- Previous message: Carboni, Mark: "3 Party Security Holes"
- In reply to: Kurt Seifried: "Re: [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3"
- Next in thread: Louis Solomon [SteelBytes]: "IE turing off proxy settings ..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 21 Oct 2002 14:35:19 -0700 From: Kurt Seifried <listuser@SEIFRIED.ORG> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Ok turns out my test machines have to much free memory, the default exploit
doesn't work but it can easily be tweaked to work (it just takes a lot
longer). This exploit will kill 2000/SP3/ALL post sp3 security patches
machines (on my laptop with only 80 mgs of free memory RPC died after a
dozen or so runs of the exploit (i.e. not much network traffic). Plus a Java
version of the exploit was just released, making it easy to tweak.
Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
- Previous message: Carboni, Mark: "3 Party Security Holes"
- In reply to: Kurt Seifried: "Re: [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3"
- Next in thread: Louis Solomon [SteelBytes]: "IE turing off proxy settings ..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
