Forwarded from: "Marc Maiffret" <marcat_private>

Due to the recent release of multiple exploits for the very serious Microsoft RPC/DCOM vulnerability (http://www.microsoft.com/security/security_bulletins/ms03-026.asp) we have decided to release a free scanning tool that will allow administrators to check to see if DCOM is enabled on remote machines, and also if the remote system is vulnerable (patched or not).

The original vulnerability was discovered by the very talented researchers at LSD. You definitely should read their advisory at: http://www.lsd-pl.net/ if you have not already.

This scanning tool does NOT require administrator access. There are various commercial, and open source, scanners which check for this vulnerability. However, those tools either require administrator access (which will be non-existent at any large company with a large number of IP's) or the tools will be intrusive in their testing and therefore bring down servers. Our check does not require administrator access, nor is our check intrusive in bringing down servers.

If you find any bugs in the tool please contact eEye Digital Security via the email support option within the tool. Do not respond to this eMail list as it is not the proper forum.

You can get the tool at: http://www.eeye.com

P.S. Users of Retina (Network Security Scanner) have already had this check within the latest Retina updates.

Signed,
Marc Maiffret
Co-Founder/Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Jul 28 2003 - 06:27:14 PDT