i think the severity of the RPC exploit cannot be diminished.. this is the worst remote root compromise i have ever seen and i am literlaly screaming at everyone i know to patch ASAP. the thought of media attention sonded plausable.. this should be on the nightly news for the next 2 days minumum. The ease and swiftness of the exploit makes it second to none in the potential damage.. as you point out..
> Then I ran the win32 binary I compiled from from the c code posted to this list > against that list of ips. > I assumed that most XP boxes would be SP1. > I got 6 command prompts. > I then ran the same binary looking for Xp with Sp0. > I got 156 command prompts. > i too have experienced these percentages in a block of ip addresses .. "shocked and awed" Donnie Werner http://e2-labs.com http://exploitlabs.com PATCH FOR RPC NOW !!! buh bye _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html