Hosting Provided By

Re: RPC DCOM exploit

From: morning_wood <se_cur_ity(at)hotmail.com>
Date: Fri Aug 01 2003 - 13:03:37 EDT

thanks alot, i was not aware, however i did notice the "univ-offset" version didnt reboot a box in testing last night.

donnie

Original Message ----- From: "Barry Fitzgerald" <bkfsec@sdf.lonestar.org> To: "morning_wood" <se_cur_ity@hotmail.com> Cc: "Peter Fry" <paf@haxed.net>; <incidents@securityfocus.com> Sent: Friday, August 01, 2003 9:51 AM Subject: Re: RPC DCOM exploit

> As an FYI:
looked
> >>like the exploit, sending out about 700 RPC pings per second. About
the
> >>same time, we had a NET SEND
> >>message pop up on our windows boxen advertizing www.freeautobot.com.
> >>Could this be a new tactic to propigate their spamulous message
prompts?
> >>
> >>Peter
> >>
> >>
> >>
> >>
>
>>-------------------------------------------------------------------------
> >>
> >>
> >--
> >
> >
>
>>-------------------------------------------------------------------------
> >>
> >>
> >---
> >
> >
> >>
> >>
> >
>
>--------------------------------------------------------------------------
-
>
>--------------------------------------------------------------------------

--

> >

> >

> >

> >

> >

>

>

>


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Received on Fri Aug 1 14:02:43 2003

This message: [ Message body ]
Next message: MARLON BORBA: "Re: Suspicious firewall logs"
Previous message: De Doncker, Steve: "RE: Command Line RPC vulnerability scanner?"
In reply to Barry Fitzgerald: "Re: RPC DCOM exploit"
Next in thread: wirepair: "Re: RPC DCOM exploit"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:14 EDT