PDA

View Full Version : RPC DCOM Exploit - Time to get that patch done



Babe Ruth
17-09-2003, 05:32 PM
RPC DCOM Exploit (MS03-039)

If you have NOT patched your systems (Windows NT, 2000, XP, 2003) for the RPC DCOM vulnerabilities, you had better get it done - now. A possible/probable exploit code has been published on the web and discussion is heating up on numerous groups that would take advantage of such code.

The patch is available from Microsoft Here (http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp) or from the Windows Update site Win_Update (http://v4.windowsupdate.microsoft.com/en/default.asp)

For your edification here is a pointer to the code being discussed - to utililise this vulnerability:
RPC DCOM long filename heap overflow Exploit (MS03-039) Exploit_Code_Example (http://www.k-otik.com/exploits/09.16.MS03-039-exp.c.php)

So ... get patching!

Babe.

kiwibeat
17-09-2003, 06:26 PM
Just as well I am still on 98SE its a pain on a 56k modem d/loading anything

CYaBro
17-09-2003, 06:27 PM
I would also go here (http://grc.com/dcom) and download the DCOMbobulator.