[Dshield] MS04-007 exploit

Jim Race vimages at well.com
Sun Feb 15 01:37:24 GMT 2004


Johannes B. Ullrich wrote:

> just a quick note that a DOS exploit is out for the ASN vulnerability.
> Works nicely. More will be posted to the diary at http://isc.sans.org
> shortly.
> 
> This is the last warning to patch your systems. The exploit is not far
> from "running arbitrary code". Looks like so far its mostly targeting
> port 445 tcp.

Johannes,

I noted that both 139 and 445 were considered likely entry vectors. Are 
you guys seeing a corresponding rise in the dshield log submissions? I 
ask, because I don't see that in your graphs...

-jim




More information about the list mailing list