[Full-Disclosure] Re: Bad news on RPC DCOM vulnerability
Alex
pk95 at yandex.ru
Fri Oct 10 19:08:53 BST 2003
Exploit code can be found here:
http://www.securitylab.ru/40754.html
This code work with all security fixes. It's very dangerous.
----- Original Message -----
From: "3APA3A" <3APA3A at SECURITY.NNOV.RU>
To: <bugtraq at securityfocus.com>; <full-disclosure at lists.netsys.com>;
<NTBUGTRAQ at LISTSERV.NTBUGTRAQ.COM>
Cc: <Secure at microsoft.com>
Sent: Friday, October 10, 2003 6:48 PM
Subject: Bad news on RPC DCOM vulnerability
> Dear bugtraq at securityfocus.com,
>
> There are few bad news on RPC DCOM vulnerability:
>
> 1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is
> again actual.
> 2. It was reported by exploit author (and confirmed), Windows XP SP1
> with all security fixes installed still vulnerable to variant of the
> same bug. Windows 2000/2003 was not tested. For a while only DoS exploit
> exists, but code execution is probably possible. Technical details are
> sent to Microsoft, waiting for confirmation.
>
> Dear ISPs. Please instruct you customers to use personal fireWALL in
> Windows XP.
>
> --
> http://www.security.nnov.ru
> /\_/\
> { , . } |\
> +--oQQo->{ ^ }<-----+ \
> | ZARAZA U 3APA3A }
> +-------------o66o--+ /
> |/
> You know my name - look up my number (The Beatles)
>
>
>
Full-Disclosure is hosted and sponsored by Secunia.