On 12 August 2003 18:22, Rex Gaylord wrote: > Is anybody else getting attacks on Port 135 that is related to this > new virus and do you know if we are vulnerable. It looks like it only > infects windows machines to me so far?
1. Yes 2. No [see below] 3. Indeed, it is another worm exploiting another vulnerability in the underlying Windows subsystems (this time it's the RPC subsystem, crucial to normal operation). [note] If you're running a publically-accessible Samba server (on a Qube, for example), it _might_ cause a local service DoS if it manages to make the daemon crash. It won't, however, exploit it since the hole is in Windows, not Samba, code. Graeme _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
