it is in the wild and very very effective, in random testing im findin 80% of all XP/2k boxes affected... Donnie Werner http://exploitlabs.com ----- Original Message ----- From: "Compton, Rich" <RComptonat_private> To: <incidentsat_private> Sent: Friday, July 25, 2003 12:45 PM Subject: Exploit for Windows RPC may be in the wild! > FYI, > ISPs are reporting a dramatic increase in traffic on TCP port 135. No > exploit code has been captured as of yet but the increase in traffic on this > port probably indicates that exploit code is being executed! Block ports > 135 through 139 and 445! > > More info: > http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS > 03-026.asp > > -Rich Compton > > > ------------------------------------------------------------------------- -- > ------------------------------------------------------------------------- --- > > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Jul 28 2003 - 09:56:25 PDT