My point was to clarify if these reports are especially related to NT4 machines
and the reply states they are.
I.e. when word 'NT4' was used in the title I made a conclusion that there was
observations about infected NT4 machines.
Absolutely the exploit will work on W2K boxes.
BTW: Can someone confirm that Netapi32.dll (vulnerable component of MS06-040)
is part of fully patched NT4.0 installation.
Thanks.
- Juha-Matti
H D Moore <[EMAIL PROTECTED]> wrote:
The exploit for NT 4.0 is *exactly* the same packet as the one you would
also use on Windows 2000. I am suprised that this is considered a "NT 4"
worm and not a "Windows 2000 (+NT 4.0)" worm. Is something specific about
the exploit they use that prevents it from working on Windows 2000?
-HD
On Wednesday 30 August 2006 10:11, Juha-Matti Laurio wrote:
> Are the machines you have experience especially NT4.0 machines?
> It appears that one of the PoC's (public on Monday 28th Aug) lists the
> following information: "Systems Affected:
> * Microsoft Windows 2000 SP0-SP4
> * Microsoft Windows XP SP0-SP1
> * Microsoft Windows NT 4.0"
>
> but reportedly it is tested against XPSP1 and W2KSP4 systems.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
