Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > incidents > 03 > 082018.html (Request Expert securityfocus.com Support)

RE: MSBlast and other known exploits..

From: YAO,TONY (HP-NewZealand,ex1) <tony.yao(at)hp.com>
Date: Wed Aug 13 2003 - 18:14:42 EDT


Information in http://isc.sans.org/diary.html?date=2003-08-09 may help.

Tony

-----Original Message-----

From: Micheal Patterson [mailto:micheal@cancercare.net] Sent: Thursday, 14 August 2003 12:45 a.m. To: incidents@securityfocus.com
Subject: MSBlast and other known exploits..

I've got reports of msblast infection that I've checked and they indeed do have msblast. Also, these systems all have what appears to be a corrupted control panel applet. The normal control panel shows up in a left hand frame and the contents of add/remove programs is missing. Also, various popup windows simply will not open. I've read that there was a known root kit that utilized the same dcom exploit called khat2 (spelling) but I'm not having much luck in locating the symptoms of systems that have been rooted in this manner. Any information would be appreciated. I will be recommending that these systems be blown away and reinstalled from clean media, I'm just looking for some info to verify what's eaten away at these things.

Thank you. 

--

Micheal Patterson
Network Administration
Cancer Care Network
405-733-2230


---------------------------------------------------------------------------


----------------------------------------------------------------------------



---------------------------------------------------------------------------


----------------------------------------------------------------------------
Received on Wed Aug 13 22:32:51 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:16 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library