Just 4 info: I compiled dcom.c on linux and tried it against a Windows 2000 SP4, german version.
The exploit failed (maybe I need some offset adjustments for the german version of Win2k) but after that I noticed some malfunctions: - The windows explorer was not able to perform drag'n drop any more. When I tried to drag a file somewehere nothing happened. - The media player failed. The window came up and closed itself after a few seconds. ... don't know what else failed... So even when then exploit failed it may seriously disturb the windows functionality. A massive scan for vulnerable windows systems on the net may become the character of an DoS attack even without any successful exploit. Ciao Marcus -- Windows is not the answer. Windows is the question and the answer is no. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
