<<< Date Index >>>     <<< Thread Index >>>

Re: Bad news on RPC DCOM vulnerability



In-Reply-To: <1155962754.20031010184852@xxxxxxxxxxxxxxxx>


as confirmed by 3APA3A and security labs, it seems that the public exploit 
*works* even if the patch MS03-039 is *installed*

This is a highly critical vulnerability - users MUST block vulnerable ports !

Regards.

K-OTik Staff /\\/ http://wwww.k-otik.com



>From: 3APA3A <3APA3A@xxxxxxxxxxxxxxxx>
>
>Dear bugtraq@xxxxxxxxxxxxxxxxx,
>
>There are few bad news on RPC DCOM vulnerability:
>
>1.  Universal  exploit  for  MS03-039  exists in-the-wild, PINK FLOYD is
>again actual.
>2.  It  was  reported  by exploit author (and confirmed), Windows XP SP1
>with  all  security  fixes  installed still vulnerable to variant of the
>same bug. Windows 2000/2003 was not tested. For a while only DoS exploit
>exists,  but  code execution is probably possible. Technical details are
>sent to Microsoft, waiting for confirmation.
>
>Dear  ISPs.  Please  instruct  you customers to use personal fireWALL in
>Windows XP.