Full Disclosure mailing list archives

Re: MS RPC remote exploit.

From: Stephen <alf1num3rik () yahoo com>
Date: Thu, 9 Oct 2003 06:45:23 -0700 (PDT)


--- Sudharsha Wijesinghe <sudharsha () digitalhouse lk>
wrote:

According to MS there cant be any Remote exploit on
MS RPC except for a
DOS attack using 139/135/445.
How ever the code is available for a shell code.
has any one tried this exploit?


no remote exploit ?

http://www.k-otik.com/exploits/10.09.rpc2universal.c.php
http://www.k-otik.com/exploits/09.20.rpcdcom2ver1.1.c.php
http://lists.netsys.com/pipermail/full-disclosure/2003-September/009848.html

in MS03-039 we can see : 

...There are three newly identified vulnerabilities in
the part of RPCSS ...two that could allow arbitrary
code execution and one that could result in a denial
of service"

Regards.

__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

MS RPC remote exploit. Sudharsha Wijesinghe (Oct 09)
- Re: MS RPC remote exploit. Patrick Brauch (Oct 09)
  - Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? opticfiber (Oct 09)
    - Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Russell Fulton (Oct 09)
    - Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Vladimir Parkhaev (Oct 09)
    - Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Patrick Brauch (Oct 09)
- Re: MS RPC remote exploit. Kilian CAVALOTTI (Oct 09)
- RE: MS RPC remote exploit. Nathan (Oct 09)
- Re: MS RPC remote exploit. Stephen (Oct 09)
  - RE: [inbox] Re: MS RPC remote exploit. Curt Purdy (Oct 09)
- SV: MS RPC remote exploit. Peter Kruse (Oct 09)
  - Re: SV: MS RPC remote exploit. Telefónica Deutschland (Oct 09)
- <Possible follow-ups>
- RE: MS RPC remote exploit. Trey Mujakporue/UK/Tesco (Oct 10)