RE: [msblast/LovSan] Detection

From: Jacob McMaster (jmcmaster_at_appliedsystems.com)
Date: 08/12/03

  • Next message: Marc Fossi: "Article Announcement: Basic IIS Lockdown Using Scripts and Group Policy"
    To: 'Frederic Gaillard' <FGaillard@chasseneuil.actaris.com>, focus-ms@securityfocus.com
    Date: Tue, 12 Aug 2003 11:00:49 -0500
    
    

    Same problems here but after loading the patch and then ruuning a scan using
    trend micro and the issue went away

    -----Original Message-----
    From: Frederic Gaillard [mailto:FGaillard@chasseneuil.actaris.com]
    Sent: Tuesday, August 12, 2003 8:55 AM
    To: focus-ms@securityfocus.com
    Subject: [msblast/LovSan] Detection

    Hello,

    I've got many users complaining with svchost.exe error messages, and
    several applications which crashed.
    But we've ran a scan with the latest NAI DAT (i.e. 4284), and it found
    nothing.
    We also use the NAI's stinger tool or Symantec's FixBlast.exe tool, but
    they did not find anything...

    Has smby else got a lot of troubles today which such behaviours (which
    should be caused by this worm), but was not able to detect this worm?

    Regards,
    Fred

    ---------------------------------------------------------------------------
    Your network firewall and IDS products do not prevent Web application
    attacks - the most common form of online exploitation- resulting in Web
    defacement, data theft, sabotage and fraud.
    KaVaDo is the only company that provides a complete suite of Web
    application security products.
    Download a FREE whitepaper on "Security Policy Automation for Web
    Applications":http://www.securityfocus.com/Kavado-focus-ms
    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Your network firewall and IDS products do not prevent Web application
    attacks - the most common form of online exploitation- resulting in Web
    defacement, data theft, sabotage and fraud.
    KaVaDo is the only company that provides a complete suite of Web
    application security products.
    Download a FREE whitepaper on "Security Policy Automation for Web
    Applications":http://www.securityfocus.com/Kavado-focus-ms
    ---------------------------------------------------------------------------


  • Next message: Marc Fossi: "Article Announcement: Basic IIS Lockdown Using Scripts and Group Policy"

    Relevant Pages

    • RE: What the heck is this msblast.exe
      ... Your network firewall and IDS products do not prevent Web application ... KaVaDo is the only company that provides a complete suite of Web ... Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • RE: Exchange 2000 out of office
      ... Your network firewall and IDS products do not prevent Web application ... KaVaDo is the only company that provides a complete suite of Web ... Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • RE: What the heck is this msblast.exe
      ... What the heck is this msblast.exe ... |Your network firewall and IDS products do not prevent Web application ... |attacks - the most common form of online exploitation- resulting in Web ... |Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • RE: What the heck is this msblast.exe
      ... |Your network firewall and IDS products do not prevent Web application ... |attacks - the most common form of online exploitation- resulting in Web ... |Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • RE: What the heck is this msblast.exe
      ... |Your network firewall and IDS products do not prevent Web application ... |attacks - the most common form of online exploitation- resulting in Web ... |Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)