[Dshield] New critical Windows vulnerabilities

Johannes Ullrich jullrich at euclidian.com
Thu Oct 16 12:47:58 GMT 2003


On Thu, 2003-10-16 at 02:42, warpmedia wrote:
> Would this require just udp or tcp connect?

The messenger service requires only a single UDP packet to popup a
message (if you bypass the RPC mechanism outlined earlier).

Not sure if this would suffice for an exploit, but likely it would. So
far, all rpc exploits I have seen use TCP.



-- 
--------------------------------------------------------------
Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
--------------------------------------------------------------
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net
--------------------------------------------------------------





More information about the list mailing list