Hi, Systems already updated are not vulnerable to this exploit. The new code is simply improved and is now more "universal". It doesn�t make use of static addresses for jumps which makes the improved code much more dangerous since it will be effective on a large range of different vulnerable Microsoft Windows operativ systems.
Kind regards // Med venlig hilsen Peter Kruse CSIS / Kruse Security ApS http://www.krusesecurity.dk - www.csis.dk > -----Oprindelig meddelelse----- > Fra: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] P� vegne af > Sudharsha Wijesinghe > Sendt: 9. oktober 2003 14:42 > Til: [EMAIL PROTECTED] > Emne: [Full-Disclosure] MS RPC remote exploit. > > > According to MS there cant be any Remote exploit on MS RPC > except for a DOS attack using 139/135/445. How ever the code > is available for a shell code. has any one tried this exploit? > > Sudharsha > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
