[Dshield] Microsoft ASN.1

Paul Marsh pmarsh at nmefdn.org
Wed Feb 11 15:27:44 GMT 2004


I'm sure everyone has been reading the emails regarding ASN.1.  I'm
concerned that eEye is giving out way too much information.  I'm sure
all the script kiddies are waiting with much anticipation for someone (a
real coder) to release the exploit in an easy to use package.  From what
I've read it looks like scanning should take place on UDP/88 and
TCP/135, 139 and 445.  I know this is premature but are these the only
port that are vulnerable?  Anyone what to take a guess as to what the
probes are going to look like?  And when?  I'd love to see some of the
underground chatter on this one. I'd like see how close the blackhats
are to creating a workable model.

Thanx, Paul 




More information about the list mailing list