|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: RPC DCOM exploit
From: Barry Fitzgerald (bkfsec
sdf.lonestar.org)
Date: Mon Aug 04 2003 - 09:58:11 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hmm...
I haven't seen system log corruption, yet. I'll have to keep my eye out
for that.
I think that the Service Pack has a lot to do with this, or perhaps some
other patch not directly related to MS03-026.
In my latest tests, I've gotten failed processes on Windows 2000 SP2
boxen but Windows 2000 SP3/4 boxen have functioned properly after the
attack - with the attack only working once until a reboot occurs.
-Barry
Peter Fry wrote:
>>Is anyone else on the list seeing that at least some of their target
>>systems are not rebooting after executing this code?
>>
>>
>
>yeah, two of our machines didn't reboot, but they did get their system
>logs corrupted, so i'm thinking they did get affected to some extent.
>Maybe if the machines are patched it does that much but does not reboot?
>
>
>
>
>
>
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]