EEYE:ALERT Free RPC/DCOM vulnerability scanning tool

• Previous message: NGSSoftware Insight Security Research: "Oracle Extproc Buffer Overflow (#NISR25072003)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Sat, 26 Jul 2003 01:56:49 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Due to the recent release of multiple exploits for the very serious
Microsoft RPC/DCOM vulnerability
(http://www.microsoft.com/security/security_bulletins/ms03-026.asp) we
have decided to release a free scanning tool that will allow
administrators to check to see if DCOM is enabled on remote machines,
and also if the remote system is vulnerable (patched or not). The
original vulnerability was discovered by the very talented researchers
at LSD. You definitely should read their advisory at:
http://www.lsd-pl.net/ if you have not already.

This scanning tool does NOT require administrator access. There are
various commercial, and open source, scanners which check for this
vulnerability. However, those tools either require administrator access
(which will be non-existent at any large company with a large number of
IP's) or the tools will be intrusive in their testing and therefore
bring down servers. Our check does not require administrator access, nor
is our check intrusive in bringing down servers.

If you find any bugs in the tool please contact eEye Digital Security
via the email support option within the tool. Do not respond to this
eMail list as it is not the proper forum.

You can get the tool at: http://www.eeye.com

P.S. Users of Retina (Network Security Scanner) have already had this
check within the latest Retina updates.

Signed,
Marc Maiffret
Co-Founder/Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!

With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to

http://www.trusecure.com/offer/s0100/

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

• Previous message: NGSSoftware Insight Security Research: "Oracle Extproc Buffer Overflow (#NISR25072003)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Alert: Microsoft Security Bulletin - MS03-039 ... The way that Microsoft patched the new RPC Part II vulnerability ... Summer's Hottest Certification Just Got HOTTER! ... To learn more about the TICSA certification, ... (NT-Bugtraq) FW: [Fwd: Re: AIM Password theft] ... This is just a simple exploit utilizing the Object Data vulnerability ... coupled with the GreyMagic no-script HTML ... Summer's Hottest Certification Just Got HOTTER! ... you can save 33% off of the TICSA certification exam! ... (NT-Bugtraq) Re: Alert: Microsoft Security Bulletin - MS03-039 ... The way that Microsoft patched the new RPC Part II vulnerability actually ... scanning tool to correctly identify this new vulnerability, and old, without ... Summer's Hottest Certification Just Got HOTTER! ... (NT-Bugtraq) RE: Qualys ... without that rock-star factor there isn't as much press. ... right about not being proactive in vulnerability research. ... Defenese have chosen to standardize on eEye Digital Security for ... Cross site scripting and other web attacks before hackers do! ... (Pen-Test) [EEYEB-20050627B] Macromedia Flash Player Improper Memory Access Vulnerability ... Macromedia Flash Player Improper Memory Access Vulnerability ... eEye Digital Security has discovered a vulnerability in Macromedia Flash ... (Bugtraq)