I've written a unix (Linux and Solaris) network scanner for the second
MS DCOM DCE RPC vulnerability, MS03-039. It can differentiate between
unpatched for either dcom hole, patched for first, and patched for second.
It has a normal mode for checking one ip, a subnet mode, and a quiet mode
for use in scripts or CGIs. The source code is available at:
http://udel.edu/~doke/dcom2/
Suggestions and constructive criticism are invited.
Cheers,
Doke
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
