|
|
DCOM RPC - DEVESTATING IN SCOPE: msg#00443security.bugtraq
i think the severity of the RPC exploit cannot be diminished.. this is the worst remote root compromise i have ever seen and i am literlaly screaming at everyone i know to patch ASAP. the thought of media attention sonded plausable.. this should be on the nightly news for the next 2 days minumum. The ease and swiftness of the exploit makes it second to none in the potential damage.. as you point out.. > Then I ran the win32 binary I compiled from from the c code posted to this list > against that list of ips. > I assumed that most XP boxes would be SP1. > I got 6 command prompts. > I then ran the same binary looking for Xp with Sp0. > I got 156 command prompts. > i too have experienced these percentages in a block of ip addresses .. "shocked and awed" Donnie Werner http://e2-labs.com http://exploitlabs.com PATCH FOR RPC NOW !!! buh bye _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Solaris ld.so.1 buffer overflow: 00443, Jouko Pynnonen |
|---|---|
| Next by Date: | [SECURITY] [DSA-354-1] New xconq packages fix buffer overflows: 00443, Matt Zimmerman |
| Previous by Thread: | Solaris ld.so.1 buffer overflowi: 00443, Jouko Pynnonen |
| Next by Thread: | [SECURITY] [DSA-354-1] New xconq packages fix buffer overflows: 00443, Matt Zimmerman |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |