On Mon, Aug 11, 2003 at 05:43:36PM -0600, Alec H. Peterson wrote: > This plugin says that MS03-026 does not address this vulnerability. I'm > under the impression that the current RPC/DCOM worm making its way across > the 'net exploits this vulnerability, however many of the security > bulletins say that MS03-026 addresses this issue.
There have recently been two separate problems with Microsoft's RPC implementation: o a buffer overflow (see <http://www.kb.cert.org/vuls/id/568148>) addressed by MS03-026, detected in a non-intrusive way by msrpc_dcom.nasl, and currently being exploited by the recent Blaster / Lovsan / MSBlast worm. o a DoS (see <http://www.kb.cert.org/vuls/id/326746>), detected by dcom_rpc_dos.nasl (although it will crash COM-related things), not yet patchable, and not to my knowledge being abused. Hope this helps, George -- [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
