<<< Date Index >>>     <<< Thread Index >>>

Re: Microsoft ASN.1 (Half a sploit)



Windows 98 SE;

Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-02-18 12:52 EST
PORT    STATE SERVICE
139/tcp open  netbios-ssn
427/tcp open  svrloc

[root@dsg root]# ./MS04-007-dos 10.187.5.57 139

[root@dsg root]# nmap 10.187.5.57

Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-02-18 12:52 EST
PORT    STATE SERVICE
139/tcp open  netbios-ssn

--
Joshua Levitsky, MCSE, CISSP
System Engineer
http://www.foist.org/
[5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1]


----- Original Message ----- 
From: "WebHead" <webheadport80@xxxxxxxxx>
To: <bugtraq@xxxxxxxxxxxxxxxxx>
Sent: Tuesday, February 17, 2004 12:38 AM
Subject: Re: Microsoft ASN.1 (Half a sploit)


> In-Reply-To: <20040215130958.17364.qmail@xxxxxxxxxxxxxxxxxxxxx>
>
> FYI...
>
> The DoS exploit for ms04-007 works successfully on WS03 /W2K3 and W2K
AdvServer with SP3.
>
> WebHead
>
>
>
> >Received: (qmail 15182 invoked from network); 16 Feb 2004 16:42:00 -0000
> >Received: from outgoing3.securityfocus.com (205.206.231.27)
> >  by mail.securityfocus.com with SMTP; 16 Feb 2004 16:42:00 -0000
> >Received: from lists2.securityfocus.com (lists2.securityfocus.com
[205.206.231.20])
> > by outgoing3.securityfocus.com (Postfix) with QMQP
> > id 7F664A30D6; Mon, 16 Feb 2004 11:09:14 -0700 (MST)
> >Mailing-List: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
> >Precedence: bulk
> >List-Id: <bugtraq.list-id.securityfocus.com>
> >List-Post: <mailto:bugtraq@xxxxxxxxxxxxxxxxx>
> >List-Help: <mailto:bugtraq-help@xxxxxxxxxxxxxxxxx>
> >List-Unsubscribe: <mailto:bugtraq-unsubscribe@xxxxxxxxxxxxxxxxx>
> >List-Subscribe: <mailto:bugtraq-subscribe@xxxxxxxxxxxxxxxxx>
> >Delivered-To: mailing list bugtraq@xxxxxxxxxxxxxxxxx
> >Delivered-To: moderator for bugtraq@xxxxxxxxxxxxxxxxx
> >Received: (qmail 20023 invoked from network); 15 Feb 2004 07:01:17 -0000
> >Date: 15 Feb 2004 13:09:58 -0000
> >Message-ID: <20040215130958.17364.qmail@xxxxxxxxxxxxxxxxxxxxx>
> >Content-Type: text/plain
> >Content-Disposition: inline
> >Content-Transfer-Encoding: binary
> >MIME-Version: 1.0
> >X-Mailer: MIME-tools 5.411 (Entity 5.404)
> >From: K-OTiK Security <Special-Alerts@xxxxxxxxxx>
> >To: bugtraq@xxxxxxxxxxxxxxxxx
> >Subject: Re:  Microsoft ASN.1 (Half a sploit)
> >
> >In-Reply-To: <200402132315.i1DNFYAa067379@xxxxxxxxxxxxxxxxxxxxxxxx>
> >
> >Note that the SANS said "This Exploit appears to work only against
Windows 2000 Professional..."
> >
> >We say : works against Windows 2000 & Windows XP
> >
> >other versions ? 2k3 ?
> >
> >References
> >http://www.k-otik.com/exploits/02.14.MS04-007-dos.c.php
> >http://isc.sans.org/diary.html
> >
> >Regards.
> >K-OTik Staff
> >http://www.k-otik.com
> >
> >
> >
>