Bad news on RPC DCOM vulnerability

From: 3APA3A (3APA3A_at_SECURITY.NNOV.RU)
Date: 10/10/03

  • Next message: Oliver Schneider: "Re: Last Two Critical Updates (IE-828750 and Windows Media Player-828 026)"
    Date:         Fri, 10 Oct 2003 18:48:52 +0400
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Dear bugtraq@securityfocus.com,

    There are few bad news on RPC DCOM vulnerability:

    1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is
    again actual.
    2. It was reported by exploit author (and confirmed), Windows XP SP1
    with all security fixes installed still vulnerable to variant of the
    same bug. Windows 2000/2003 was not tested. For a while only DoS exploit
    exists, but code execution is probably possible. Technical details are
    sent to Microsoft, waiting for confirmation.

    Dear ISPs. Please instruct you customers to use personal fireWALL in
    Windows XP.

    --
    http://www.security.nnov.ru
             /\_/\
            { , . }     |\
    +--oQQo->{ ^ }<-----+ \
    |  ZARAZA  U  3APA3A   }
    +-------------o66o--+ /
                        |/
    You know my name - look up my number (The Beatles)
    -----
    Out of Office replies to list messages cause you to be unsubscribed
    automatically. Either subscribe a Public Folder, or ensure you're rules are
    set to ensure list messages are filtered prior to your Out of Office reply.
    Such automatic replies are a bane to posters, and cause us to have fewer
    researchers post to NTBugtraq.
    -----
    

  • Next message: Oliver Schneider: "Re: Last Two Critical Updates (IE-828750 and Windows Media Player-828 026)"

    Relevant Pages

    • [Full-Disclosure] Bad news on RPC DCOM vulnerability
      ... There are few bad news on RPC DCOM vulnerability: ... Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is ... It was reported by exploit author, Windows XP SP1 ... sent to Microsoft, waiting for confirmation. ...
      (Full-Disclosure)
    • [Full-Disclosure] Bad news on RPC DCOM vulnerability
      ... There are few bad news on RPC DCOM vulnerability: ... Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is ... It was reported by exploit author, Windows XP SP1 ... sent to Microsoft, waiting for confirmation. ...
      (Full-Disclosure)
    • Bad news on RPC DCOM vulnerability
      ... There are few bad news on RPC DCOM vulnerability: ... Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is ... It was reported by exploit author, Windows XP SP1 ... sent to Microsoft, waiting for confirmation. ...
      (Full-Disclosure)
    • Bad news on RPC DCOM vulnerability
      ... There are few bad news on RPC DCOM vulnerability: ... Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is ... It was reported by exploit author, Windows XP SP1 ... sent to Microsoft, waiting for confirmation. ...
      (Bugtraq)