Isn't this a bit different than simply a DoS though? Although, now that I'm thinking about it, this one combines ms03-026 with the DoS that was found to be the RPC service failing. M$ makes it sound like this is 100% but if your patched with MS03-026, your safe from all but the DoS. Is that what everyone else reads into the alert as well?
Exibar ----- Original Message ----- From: "Mike Tancsa" <[EMAIL PROTECTED]> To: "Exibar" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, September 10, 2003 2:54 PM Subject: Re: [Full-Disclosure] MS03-039 has been released - critical > > http://xforce.iss.net/xforce/alerts/id/152 says, > > "The new DoS vulnerability was disclosed by a hacking group in China on > July 25, 2003, and functional exploit code is already in use on the > Internet. " > > ---Mike > > > At 01:41 PM 10/09/2003, Exibar wrote: > >anyone know of a 'sploit for this one yet? Or even proof of concept code? > > > > > >----- Original Message ----- > >From: "Ryan, Pete" <[EMAIL PROTECTED]> > >To: <[EMAIL PROTECTED]> > >Sent: Wednesday, September 10, 2003 12:23 PM > >Subject: [Full-Disclosure] MS03-039 has been released - critical > > > > > > > > > > > >http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security / > > > bulletin/MS03-039.asp > > > > > > -Pete > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > >_______________________________________________ > >Full-Disclosure - We believe in it. > >Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
