Yeah, but the original poster 3APA3A withheld the actual exploit, which is available on that site.
----- Original Message ----- From: "Vladimir Parkhaev" <[EMAIL PROTECTED]> > > Funny enough, it is a russian translatiion of the original message you > replying to: > > > > ----- Original Message ----- > > From: "3APA3A" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > > <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Friday, October 10, 2003 6:48 PM > > Subject: Bad news on RPC DCOM vulnerability > > > > > > > Dear [EMAIL PROTECTED], > > > > > > There are few bad news on RPC DCOM vulnerability: > > > > > > 1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is > > > again actual. > > > 2. It was reported by exploit author (and confirmed), Windows XP SP1 > > > with all security fixes installed still vulnerable to variant of the > > > same bug. Windows 2000/2003 was not tested. For a while only DoS exploit > > > exists, but code execution is probably possible. Technical details are > > > sent to Microsoft, waiting for confirmation. > > > > > > Dear ISPs. Please instruct you customers to use personal fireWALL in > > > Windows XP. > > > > > > -- > > > http://www.security.nnov.ru > > > /\_/\ > > > { , . } |\ > > > +--oQQo->{ ^ }<-----+ \ > > > | ZARAZA U 3APA3A } > > > +-------------o66o--+ / > > > |/ > > > You know my name - look up my number (The Beatles) > > > > > > > > > > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
