RE: [msblast/LovSan] Detection

From: Jacob McMaster <jmcmaster(at)appliedsystems.com>
Date: Tue Aug 12 2003 - 12:00:49 EDT

Same problems here but after loading the patch and then ruuning a scan using trend micro and the issue went away

-----Original Message-----
From: Frederic Gaillard [mailto:FGaillard@chasseneuil.actaris.com] Sent: Tuesday, August 12, 2003 8:55 AM
To: focus-ms@securityfocus.com
Subject: [msblast/LovSan] Detection

Hello,

I've got many users complaining with svchost.exe error messages, and several applications which crashed.
But we've ran a scan with the latest NAI DAT (i.e. 4284), and it found nothing.
We also use the NAI's stinger tool or Symantec's FixBlast.exe tool, but they did not find anything...

Has smby else got a lot of troubles today which such behaviours (which should be caused by this worm), but was not able to detect this worm?

Regards,
Fred

---

Your network firewall and IDS products do not prevent Web application attacks - the most common form of online exploitation- resulting in Web defacement, data theft, sabotage and fraud. KaVaDo is the only company that provides a complete suite of Web application security products.
Download a FREE whitepaper on "Security Policy Automation for Web Applications":http://www.securityfocus.com/Kavado-focus-ms

---

---

Your network firewall and IDS products do not prevent Web application attacks - the most common form of online exploitation- resulting in Web defacement, data theft, sabotage and fraud. KaVaDo is the only company that provides a complete suite of Web application security products.
Download a FREE whitepaper on "Security Policy Automation for Web Applications":http://www.securityfocus.com/Kavado-focus-ms

---

Received on Tue Aug 12 14:12:39 2003