|SUBJECT ||Subject: [hangout] Microsoft RPC hole could lead to DoS attacks Can we fix this with shared source?
|From owner-hangout-desteny-at-mrbrklyn.com Sun Mar 30 22:33:04 2003
Received: from www2.mrbrklyn.com (localhost [127.0.0.1]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h2V3X4qb026094 for ; Sun, 30 Mar 2003 22:33:04 -0500
Received: (from mdom-at-localhost) by www2.mrbrklyn.com (8.12.3/8.12.3/Submit) id h2V3X4NM026092 for hangout-desteny; Sun, 30 Mar 2003 22:33:04 -0500
X-Authentication-Warning: www2.mrbrklyn.com: mdom set sender to owner-hangout-at-www2.mrbrklyn.com using -f
Received: from www2.mrbrklyn.com (localhost [127.0.0.1]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h2V3X4qb026084 for ; Sun, 30 Mar 2003 22:33:04 -0500
Received: (from ruben-at-localhost) by www2.mrbrklyn.com (8.12.3/8.12.3/Submit) id h2V3X35j026083 for hangout-at-www2.mrbrklyn.com; Sun, 30 Mar 2003 22:33:03 -0500
Received: from paix.pilosoft.com ([184.108.40.206]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h2V3Itqb025830; Sun, 30 Mar 2003 22:18:55 -0500
Received: from linux (dsl-38-117-145-134.pilosoft.com [220.127.116.11]) by paix.pilosoft.com (8.11.6/8.11.6) with ESMTP id h2V3Eib01026; Sun, 30 Mar 2003 22:14:44 -0500
Content-Type: text/plain; charset="iso-8859-1"
To: Ruben I Safir , hangout-at-nylxs.com
Subject: [hangout] Microsoft RPC hole could lead to DoS attacks Can we fix this with shared source?
Date: Sun, 30 Mar 2003 22:20:55 -0500
X-MIME-Autoconverted: from quoted-printable to 8bit by mrbrklyn.com id h2V3Itqb025832
List: New Yorkers Linux Scene
Admin: To unsubscribe send unsubscribename-at-domian.com to hangout-request-at-www2.mrbrklyn.com
Microsoft RPC hole could lead to DoS attacks
Reach for the patches unless you use NT
By Arron Rouse: Thursday 27 March 2003, 19:39
REMOTE PROCEDURE CALL (RPC) hacks seem to be flavour of the month. Only a week
ago a major vulnerability was found in the Sun XPR RPC. Now one has been
found in Windows 2000, XP and NT. The hole doesn't allow an attacker to gain
control but it would effectively stop the machine working.
Microsoft has released patches for Windows 2000 and XP. Windows NT users
aren't so lucky. Microsoft claims that NT's architecture makes a patch for
this impossible. The company says that blocking port 135 at your firewall
will stop attackers from being able to use the exploit.
That does leave a large question of what to do with NT servers which are
actively executing RPCs. From the looks of the information on the Microsoft
site, the only safe option would be to move to 2000 or XP.
It does seem faintly suspicious that Microsoft is doing all it can to get NT
users to upgrade to a more recent operating system and that holes are
appearing that can't be patched in NT. Then again, maybe NT really is getting
too old for some fixes. µ
NYLXS: New Yorker Free Software Users Scene
Fair Use -
because it's either fair use or useless....
NYLXS is a trademark of NYLXS, Inc