|
Did anybody else notice that the SecurityFocus site had the LSASS code you mentioned below posted for a few days and now it is gone? Did they change the name of the post under the vulnerability section or just remove it? If they removed it then it makes me wonder why.
James Cupps -----Original Message-----
Handler's Diary April 26th 2004 " An exploit targeting the recently released vulnerability in Windows' Active Directory service functions in LSASRV.DLL (LSASS: Local Security Authority Subsystem Service) was made public today. The exploit is effective against some versions of Windows 2000 with SP3 or SP4 installed. The patch released earlier this month as part of MS04-011 will fix this vulnerability. If you have not done so already, please apply the MS04-011 patch as soon as possible. Even if no worm is released, we expect that all Internet facing systems will be probed with this exploit over the next couple of days. The exploit will allow full remote control via a remote shell. The port used by the remote shell can be changed via a command line option. we just received a report of the exploit being used in the wild. " really dangerous !
Do you Yahoo!? This message may contain information which is private, privileged or confidential and is intended solely for the use of the individual or entity named in the message. If you are not the intended recipient of this message, please notify the sender thereof and destroy / delete the message. Neither the sender nor Sappi Limited (including its subsidiaries and associated companies) shall incur any liability resulting directly or indirectly from accessing any of the attached files which may contain a virus or the like. |
