"Paul Tinsley" <[EMAIL PROTECTED]> wrote: > Microsoft owns up to the exploit being usable on 135, 139 and 445, I have > heard rumors of port 80 being vulnerable as well. ...
Brad Bemis is right -- other ports (and not just port 80) associated with IIS _if_ COM Internet Services is enabled are also exploitable. > ... I was curious as to > whether anyone had seen anything using a port other than 135? ... Look for messages by Todd Sabin in Bugtraq and/or NTBugtraq and/or VulnWatch and/or Full-Disclosure for more details. > ... Everything I > have seen discussed here and elsewhere has been 135 specific. Well, it is the most widely supported default interface that is vulnerable. It would be a very unusual machine that is vulnerable on some other port and _NOT_ on 135, so what is the payoff for writing an exploit (at least a "prrof of concept") that tries other ports? Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
