[unisog] New (No kidding) RPC Vulnerability

WENDY SHIH wshih at res.kent.edu
Thu Sep 11 14:29:21 GMT 2003


Hi, I just read the eEye article. I don't think this patch fixes the
previous vulnerability? Can someone confirm it?

    Note: This vulnerability differs from the vulnerability publicized in Microsoft
    Bulletin MS03-026 (http://www.microsoft.com/technet/security/bulletin/MS03-026.asp).
    This is a new vulnerability, and a different patch that must be installed.

                                                                                                            
Gary Flynn <flynngn at jmu.edu>
2003/09/10 04:58 PM
To:
cc:       unisog at sans.org
Subject:  Re: [unisog] New (No kidding) RPC Vulnerability

Dax wrote:

> Sadly, I can't even come up with something quick and witty to
> say, thanks to my slack-jawed state of disbelief...
>
> http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
> http://www.microsoft.com/security/security_bulletins/MS03-039.asp
>
> Sooo...good job patching for Blaster everyone...Next!

And just to avoid confusion, it IS a new defect:
http://www.eeye.com/html/Research/Advisories/AD20030910.html

The patch fixes both the old and new defects. Doesn't look as
easy to exploit but there is a lot of attention being paid
to it. :(

--
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe







