|
Full Disclosure
mailing list archives
Re: MS03-039 has been released - critical
From: "Exibar" <exibar () thelair com>
Date: Wed, 10 Sep 2003 15:05:34 -0400
To add to my previous reply. The DoS is the only thing in MS03-039 that is
"old". The two buffer overflows are brand new and are not the same as
MS03-026. These are the real dangers here, not that the DoS isn't
dangerous, but the buffer overflows are the keys to the security alert.
Does anyone know if there is a 'sploit for the buffer overflows in the
wild?
Exibar
----- Original Message -----
From: "Mike Tancsa" <mike () sentex net>
To: "Exibar" <exibar () thelair com>; <full-disclosure () lists netsys com>
Sent: Wednesday, September 10, 2003 2:54 PM
Subject: Re: [Full-disclosure] MS03-039 has been released - critical
http://xforce.iss.net/xforce/alerts/id/152 says,
"The new DoS vulnerability was disclosed by a hacking group in China on
July 25, 2003, and functional exploit code is already in use on the
Internet. "
---Mike
At 01:41 PM 10/09/2003, Exibar wrote:
anyone know of a 'sploit for this one yet? Or even proof of concept
code?
----- Original Message -----
From: "Ryan, Pete" <pete.ryan () thomson com>
To: <full-disclosure () lists netsys com>
Sent: Wednesday, September 10, 2003 12:23 PM
Subject: [Full-disclosure] MS03-039 has been released - critical
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/
bulletin/MS03-039.asp
-Pete
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
|
Intro
