|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: dcom on wyse WinCE systems
From: James Fields (jvfields
tds.net)
Date: Thu Oct 09 2003 - 16:49:40 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sorry I can't answer the question directly. However as an anecdote, let me
tell you we have deployed a bunch of Wyse terminals running XP Embedded for
teleworkers. A bunch of them got hit with the following virus:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=BKDR_WOMANIZ
.A&VSect=T
This thing did some nasty things to their web browsers and also opened up
IRC connections to a hacker-infested chat server. While investigating the
security level of the Wyse teriminals after that, we found a lot of holes.
A Nessus scan found a bunch of things, many of which at least crashed the
terminals. They also come with VNC loaded on them with a default password
of "wyse." Fun, huh?
----- Original Message -----
From: "cdowns" <cdownsdrippingdead.com>
To: <pen-testsecurityfocus.com>
Sent: Tuesday, October 07, 2003 11:25 AM
Subject: dcom on wyse WinCE systems
> Does anyone know if this is remotely exploitable ? I have not seen any
> information on Wyse WinCE Winterms in the past.. Here is a reference
> link to the device setup im talking about.
>
> http://www.wyse.com/products/winterm/index.htm
>
> Thanks All.
>
> ~!>D
>
>
> --
> - DrippingDead Films -
> downsdrippingdead.com
> http://www.drippingdead.com
> Key fingerprint = 56ED 70FC AF9D 3D98 C908 90F9 D93E 0CA7 290E EE37
>
>
> --------------------------------------------------------------------------
-
> Tired of constantly searching the web for the latest exploits?
> Tired of using 300 different tools to do one job?
> Get CORE IMPACT and get some rest.
> www.coresecurity.com/promos/sf_ept2
> --------------------------------------------------------------------------
--
>
>
---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]