Yes exploits have been released (source code) and win32 compilied binaries. A worm is expected soon see full-disclosure tread. Happy patching Any1 with snort sig? -----Original Message----- From: Compton, Rich [mailto:RComptonat_private] Sent: 25 July 2003 09:46 PM To: incidentsat_private FYI, ISPs are reporting a dramatic increase in traffic on TCP port 135. No exploit code has been captured as of yet but the increase in traffic on this port probably indicates that exploit code is being executed! Block ports 135 through 139 and 445! More info: http://www.microsoft.com/technet/treeview/?url=/technet/security/bulleti n/MS 03-026.asp -Rich Compton ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Sun Jul 27 2003 - 12:39:56 PDT