MESSAGE
DATE | 2003-03-30 |
FROM | vin
|
SUBJECT | Subject: [hangout] Microsoft RPC hole could lead to DoS attacks Can we fix this with shared source?
|
From owner-hangout-desteny-at-mrbrklyn.com Sun Mar 30 22:33:04 2003 Received: from www2.mrbrklyn.com (localhost [127.0.0.1]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h2V3X4qb026094 for ; Sun, 30 Mar 2003 22:33:04 -0500 Received: (from mdom-at-localhost) by www2.mrbrklyn.com (8.12.3/8.12.3/Submit) id h2V3X4NM026092 for hangout-desteny; Sun, 30 Mar 2003 22:33:04 -0500 X-Authentication-Warning: www2.mrbrklyn.com: mdom set sender to owner-hangout-at-www2.mrbrklyn.com using -f Received: from www2.mrbrklyn.com (localhost [127.0.0.1]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h2V3X4qb026084 for ; Sun, 30 Mar 2003 22:33:04 -0500 Received: (from ruben-at-localhost) by www2.mrbrklyn.com (8.12.3/8.12.3/Submit) id h2V3X35j026083 for hangout-at-www2.mrbrklyn.com; Sun, 30 Mar 2003 22:33:03 -0500 Received: from paix.pilosoft.com ([216.66.12.246]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h2V3Itqb025830; Sun, 30 Mar 2003 22:18:55 -0500 Received: from linux (dsl-38-117-145-134.pilosoft.com [38.117.145.134]) by paix.pilosoft.com (8.11.6/8.11.6) with ESMTP id h2V3Eib01026; Sun, 30 Mar 2003 22:14:44 -0500 Content-Type: text/plain; charset="iso-8859-1" From: vin To: Ruben I Safir , hangout-at-nylxs.com Subject: [hangout] Microsoft RPC hole could lead to DoS attacks Can we fix this with shared source? Date: Sun, 30 Mar 2003 22:20:55 -0500 User-Agent: KMail/1.4.3 MIME-Version: 1.0 Message-Id: <200303302220.55642.vin-at-nylxs.com> Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mrbrklyn.com id h2V3Itqb025832 Sender: owner-hangout-at-mrbrklyn.com Precedence: bulk Reply-To: vin List: New Yorkers Linux Scene Admin: To unsubscribe send unsubscribename-at-domian.com to hangout-request-at-www2.mrbrklyn.com X-Evolution: 0000002b-0000 X-Keywords: X-UID: 11269 Status: RO Content-Length: 1385 Lines: 33
http://www.theinquirer.net/?article=8576
Microsoft RPC hole could lead to DoS attacks
Reach for the patches unless you use NT
By Arron Rouse: Thursday 27 March 2003, 19:39 REMOTE PROCEDURE CALL (RPC) hacks seem to be flavour of the month. Only a week ago a major vulnerability was found in the Sun XPR RPC. Now one has been found in Windows 2000, XP and NT. The hole doesn't allow an attacker to gain control but it would effectively stop the machine working.
Microsoft has released patches for Windows 2000 and XP. Windows NT users aren't so lucky. Microsoft claims that NT's architecture makes a patch for this impossible. The company says that blocking port 135 at your firewall will stop attackers from being able to use the exploit.
That does leave a large question of what to do with NT servers which are actively executing RPCs. From the looks of the information on the Microsoft site, the only safe option would be to move to 2000 or XP.
It does seem faintly suspicious that Microsoft is doing all it can to get NT users to upgrade to a more recent operating system and that holes are appearing that can't be patched in NT. Then again, maybe NT really is getting too old for some fixes. ยต
____________________________ NYLXS: New Yorker Free Software Users Scene Fair Use - because it's either fair use or useless.... NYLXS is a trademark of NYLXS, Inc
|
|