[unisog] New (No kidding) RPC Vulnerability

Gary Flynn flynngn at jmu.edu
Wed Sep 10 20:58:09 GMT 2003



Dax wrote:

> 	Sadly, I can't even come up with something quick and witty to
> say, thanks to my slack-jawed state of disbelief...
> 
> http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
> http://www.microsoft.com/security/security_bulletins/MS03-039.asp
> 	
> 	Sooo...good job patching for Blaster everyone...Next!

And just to avoid confusion, it IS a new defect:
http://www.eeye.com/html/Research/Advisories/AD20030910.html

The patch fixes both the old and new defects. Doesn't look as
easy to exploit but there is a lot of attention being paid
to it. :(

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe



More information about the unisog mailing list