RE: MSBlast and other known exploits..

From: James C. Slora, Jr. (Jim.Sloraat_private)
Date: Wed Aug 13 2003 - 08:27:28 PDT

Next message: Jeremiah Cornelius: "Re: MSBLASTER Infecting despite 03-026 patch?"

Previous message: Alon Tirosh: "FW: rpc dcom worm and windowsupdate"
Maybe in reply to: Micheal Patterson: "MSBlast and other known exploits.."
Next in thread: YAO,TONY (HP-NewZealand,ex1): "RE: MSBlast and other known exploits.."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Micheal Patterson wrote

> ...I've read that there was a known root kit
> that utilized the same dcom exploit called khat2 (spelling) 
> but I'm not having much luck in locating the symptoms of systems that 
> have been rooted in this manner. Any information would be appreciated.

Info on KaHT II from Bugtraq:
http://www.securityfocus.com/archive/1/332632/2003-08-10/2003-08-16/0
 

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: Jeremiah Cornelius: "Re: MSBLASTER Infecting despite 03-026 patch?"
Previous message: Alon Tirosh: "FW: rpc dcom worm and windowsupdate"
Maybe in reply to: Micheal Patterson: "MSBlast and other known exploits.."
Next in thread: YAO,TONY (HP-NewZealand,ex1): "RE: MSBlast and other known exploits.."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 13 2003 - 17:51:43 PDT