[Dshield] Well, there they are -- exploits for latest Microsoft vu lnerabilities

David Taylor ltr at isc.upenn.edu
Fri Oct 14 01:31:11 GMT 2005

I haven't heard about it being in the wild yet.  Canvas has a module but
that software costs around $25,000 so not sure I would call that in the
wild.  I figure it is only a matter of time before Metasploit has their
module and we all know where it goes from there.  :)

David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security 
Philadelphia PA USA
(215) 898-1236

SANS - The Twenty Most Critical Internet Security Vulnerabilities 

SANS - Internet Storm Center

irc.freenode.net #dshielders

-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of Fergie (Paul Ferguson)
Sent: Thursday, October 13, 2005 9:18 PM
To: list at lists.dshield.org
Subject: Re: [Dshield] Well,there they are -- exploits for latest Microsoft
vu lnerabilities

Actually, I think the more likely vetor will be the MS05-051
exploit, but I figured everyone had already haeard about that
being in the wild. :-)

- ferg

-- Jim McCullough <jim.mccullough at gmail.com> wrote:

Batten down the hatches, bolt the doors, grab the hip wadders. I got a gut
feeling we are going to need them this weekend. From what I see, we will see
worms at the latest by Monday morning.

On 10/13/05, Fergie (Paul Ferguson) <fergdawg at netzero.net> wrote:
> Microsoft Windows FTP Client File Transfer Location Tampering Exploit
> (MS05-044)
> http://www.frsirt.com/exploits/20051013.ms05-044.c.php
> Microsoft Windows Network Connection Manager Local DoS Exploit (MS05-045)
> http://www.frsirt.com/exploits/20051013.ms05-045.c.php
> Microsoft Collaboration Data Objects Buffer Overflow PoC Exploit
> (MS05-048)
> http://www.frsirt.com/exploits/20051013.ms05-048.c.php
> Only the MS05-048 is considered to be "high risk", but word to
> the wise...
> - ferg
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg at netzero.net or fergdawg at sbcglobal.net
> ferg's tech blog: http://fergdawg.blogspot.com/

Jim McCullough

Using .Net? Need to know more about .Net Security?

send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list