[unisog] New (No kidding) RPC Vulnerability
wshih at res.kent.edu
Thu Sep 11 14:29:21 GMT 2003
Hi, I just read the Eeye article. I don't think this patch fix the
previous vulnerability ? Can someone confirm it ?
Note: This vulnerability differs from the vulnerability publicized in Microsoft
Bulletin MS03-026 (http://www.microsoft.com/technet/security/bulletin/MS03-026.asp).
This is a new vulnerability, and a different patch that must be installed.
<flynngn at jmu.edu> To:
cc: unisog at sans.org
2003/09/10 04:58 Subject: Re: [unisog] New (No kidding) RPC Vulnerability
> Sadly, I can't even come up with something quick and witty to
> say, thanks to my slack-jawed state of disbelief...
> Sooo...good job patching for Blaster everyone...Next!
And just to avoid confusion, it IS a new defect:
The patch fixes both the old and new defects. Doesn't look as
easy to exploit but there is a lot of attention being paid
to it. :(
Security Engineer - Technical Services
James Madison University
More information about the unisog