[Dshield] New critical Windows vulnerabilities

Kolde, Jennifer E. jkolde at nosc.mil
Wed Oct 15 21:34:40 GMT 2003

Note that the "Messenger" vulnerability is NOT in Windows Messenger or
MSN Messenger...it's in the Windows Messenger SERVICE.

The service is installed and running by default in NT / 2K / XP, and is
exploitable via RPC (135) and/or NetBIOS (137 - 139 / 445).

It's definitely a worm-candidate, though I have not seen anything about
exploits in the wild.


-----Original Message-----
From: warpmedia [mailto:warpmedia at comcast.net]
Sent: Wednesday, October 15, 2003 1:54 PM
To: General DShield Discussion List
Subject: Re: [Dshield] New critical Windows vulnerabilities

If it doesn't affect Trillian pro 2, then not me! =)

This after they changed the protocol causing havoc with 3rd party clients? 
tsk tsk.

At 14:56 10/15/2003, John Hardin wrote:
>One of these is a BO bug in Windows Messenger. This could get nasty
>(again). Popup worm, anyone?

Joshua MacCraw
warpmedia at comcast.net

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list