[unisog] New (No kidding) RPC Vulnerability

Dax dax at resnet.ucsb.edu
Thu Sep 11 16:59:37 GMT 2003


	It does in fact supersede the previous patch, and repairs both
RPC flaws.

/Dax

On Thu, 11 Sep 2003, WENDY SHIH wrote:

>
> Hi, I just read the Eeye article.  I don't think this patch fixes the
> previous vulnerability? Can someone confirm it?
>
>     Note: This vulnerability differs from the vulnerability publicized in Microsoft
>     Bulletin MS03-026 (http://www.microsoft.com/technet/security/bulletin/MS03-026.asp).
>     This is a new vulnerability, and a different patch that must be installed.
>
> From:     Gary Flynn <flynngn at jmu.edu>
> Date:     2003/09/10 04:58 PM
> To:
> cc:       unisog at sans.org
> Subject:  Re: [unisog] New (No kidding) RPC Vulnerability
>
> Dax wrote:
> 
> > Sadly, I can't even come up with something quick and witty to
> > say, thanks to my slack-jawed state of disbelief...
> >
> > http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
> > http://www.microsoft.com/security/security_bulletins/MS03-039.asp
> >
> > Sooo...good job patching for Blaster everyone...Next!
> 
> And just to avoid confusion, it IS a new defect:
> http://www.eeye.com/html/Research/Advisories/AD20030910.html
> 
> The patch fixes both the old and new defects. Doesn't look as
> easy to exploit but there is a lot of attention being paid
> to it. :(
> 
> --
> Gary Flynn
> Security Engineer - Technical Services
> James Madison University
> 
> Please R.U.N.S.A.F.E.
> http://www.jmu.edu/computing/runsafe