[Dshield] Where are they getting their information?

Fergie (Paul Ferguson) fergdawg at netzero.net
Fri Jun 24 18:18:26 GMT 2005

Actually, there already is:

Microsoft Server Message Block (SMB) Remote Exploit (MS05-011)
Date : 23/06/2005
Rated: Critical


- ferg

"Johannes B. Ullrich" <jullrich at sans.org> wrote:

Now there is a relatively new SMB vulnerability, and I would expect some
good exploits for it soon. We do see some target list collection efforts
between a vulnerability being announced and having an exploit widely
available. However, this activity is likely lost in the overall port 445
noise, and target lists for 445 already exist from prior exploits.

"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg at netzero.net or fergdawg at sbcglobal.net
 ferg's tech blog: http://fergdawg.blogspot.com/

More information about the list mailing list