NETANN-L Archives

- NETANN-L - Networkmaine Network Announcement List

NETANN-L@LISTS.MAINE.EDU
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
FW: Multiple MS RPC DCOM SubSystem Vulnerabilities Alert ---- AGAIN
From:
"Letourneau, Jeff" <[log in to unmask]>
Reply To:
- NETANN-L - UNET Network Announcement List <[log in to unmask]>
Date:
Wed, 10 Sep 2003 13:35:00 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (84 lines) 
Just when you thought you had all your patches up to date...
Microsoft has rated this as a critical update so PLEASE apply as soon as
possible.


Jeff
--
Jeffrey Letourneau
Manager of Network Operations
University Network - UNET
University of Maine System


-----Original Message-----
From: [log in to unmask] [mailto:[log in to unmask]]
Sent: Wednesday, September 10, 2003 1:11 PM
To: [log in to unmask]; [log in to unmask]
Subject: FWD: Multiple MS RPC DCOM SubSystem Vulnerabilities Alert


The MS link for this is here:

http://www.microsoft.com/technet/security/bulletin/MS03-039.asp

Folks seems to be taking this seriously.

Phil

=======================================
Philip A. Rodrigues
Network Analyst, UITS
University of Connecticut

email: [log in to unmask]
phone: 860.486.3743
fax: 860.486.6580
web: http://www.security.uconn.edu
=======================================




-----Forwarded by Phil Rodrigues/ITS/InformationServices/UConn on
09/10/2003 01:25PM -----

To: [log in to unmask]
From: Symantec Alert <[log in to unmask]>
Date: 09/10/2003 12:46PM
Subject: Multiple MS RPC DCOM SubSystem Vulnerabilities Alert

Name:     Multiple MS RPC DCOM SubSystem Vulnerabilities Alert
Location: https://tms.symantec.com/members/ViewAR.asp?ReportID=1439
Summary:  Microsoft has released Security Bulletin MS03-039 detailing
          remotely exploitable vulnerabilities in the RPC DCOM subsystem
          implemented by the Windows family of operating systems. The
          RPC DCOM subsystem is reportedly vulnerable to two remotely
          exploitable buffer overflows and another overflow that may be
          exploited to launch a denial of service against a vulnerable
          host.

          At the time of this writing, no exploit code targeting this
          vulnerability is publicly available. However, given the
          scrutiny that the Microsoft RPC DCOM subsystem has received
          from the security community in recent weeks due to the
          Microsoft Windows RPC DCOM Interface Buffer Overflow
          Vulnerability (BID 8205), the Threat Analyst Team believes
          that it is only a matter of days before a working exploit
          becomes available.

          Administrators are urged to apply fixes provided by Microsoft
          or follow the mitigating strategies outlined in the bulletin
          and the Mitigating Strategies section of this document.



                          Symantec Corporation
The World Leader in Internet Security Technology and Early Warning
Solutions
                  Visit our website at www.symantec.com

-----
 Real-time Interaction Management Services from EnvoyWorldWide
Visit http://www.envoyworldwide.com

ATOM RSS1 RSS2