[Full-Disclosure] LSASS exploit win32 binary
Stuart Fox (DSL AK)
StuartF at datacom.co.nz
Fri Apr 30 04:53:02 BST 2004
For those servers that break when you apply MS04-011, there's a KB article
that describes what to do to work around it.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;841382
> -----Original Message-----
> From: full-disclosure-admin at lists.netsys.com
> [mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of
> Chris Scott
> Sent: Thursday, 29 April 2004 4:22 p.m.
> To: bosborne at caltex.com.au; full-disclosure at lists.netsys.com
> Subject: RE: [Full-Disclosure] LSASS exploit win32 binary
>
> Does anyone have snort sigs or any means of defending against
> the worms that are exploiting this? Several acquaintances of
> mine which work for edu's are reporting their networks being
> affected by this in a big way. They have 2k machines which
> apparently broke when applied with the MS04-011 patch.
Full-Disclosure is hosted and sponsored by Secunia.