[Dshield] New critical Windows vulnerabilities

Kolde, Jennifer E. jkolde at nosc.mil
Wed Oct 15 21:34:40 GMT 2003


Note that the "Messenger" vulnerability is NOT in Windows Messenger or
MSN Messenger...it's in the Windows Messenger SERVICE.

The service is installed and running by default in NT / 2K / XP, and is
exploitable via RPC (135) and/or NetBIOS (137 - 139 / 445).

It's definitely a worm-candidate, though I have not seen anything about
exploits in the wild.

Regards,
Jennifer

-----Original Message-----
From: warpmedia [mailto:warpmedia at comcast.net]
Sent: Wednesday, October 15, 2003 1:54 PM
To: General DShield Discussion List
Subject: Re: [Dshield] New critical Windows vulnerabilities


If it doesn't affect Trillian pro 2, then not me! =)

This after they changed the protocol causing havoc with 3rd party clients? 
tsk tsk.

At 14:56 10/15/2003, John Hardin wrote:
>http://www.microsoft.com/security/security_bulletins/20031015_windows.asp
>
>One of these is a BO bug in Windows Messenger. This could get nasty
>(again). Popup worm, anyone?

Joshua MacCraw
warpmedia at comcast.net
http://mywebpages.comcast.net/jmaccraw 

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list