I don't know if this covers what's already been said about DCOM worms... Forwarded message: > From [EMAIL PROTECTED] Tue Aug 12 08:42:31 2003 > Message-Id: <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > From: X-Force <[EMAIL PROTECTED]> > Subject: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation > Sender: [EMAIL PROTECTED] > Errors-To: [EMAIL PROTECTED] > X-BeenThere: [EMAIL PROTECTED] > X-Mailman-Version: 2.0.8 > Precedence: bulk > List-Help: <mailto:[EMAIL PROTECTED]> > List-Post: <mailto:[EMAIL PROTECTED]> > List-Subscribe: <https://atla-mm1.iss.net/mailman/listinfo/alert>, > <mailto:[EMAIL PROTECTED]> > List-Id: ISS security alert advisories <alert.iss.net> > List-Unsubscribe: <https://atla-mm1.iss.net/mailman/listinfo/alert>, > <mailto:[EMAIL PROTECTED]> > List-Archive: <https://atla-mm1.iss.net/mailman/private/alert/> > Date: Mon, 11 Aug 2003 18:19:34 -0400 (EDT) > Content-Length: 3029 > > -----BEGIN PGP SIGNED MESSAGE----- > > Internet Security Systems Security Brief > August 11, 2003 > > "MS Blast" MSRPC DCOM Worm Propagation > > Synopsis: > > ISS X-Force has captured active samples of an automated Internet worm that > propagates via the MS RPC DCOM vulnerability documented in ISS X-Force > Alert titled "Flaw in Microsoft Windows RPC Implementation" > (http://xforce.iss.net/xforce/alerts/id/147). This worm is currently > propagating aggressively across the Internet. > > Impact: > > Any vulnerable desktop or server connected to the Internet may be > vulnerable to attack. All Windows 2000, Windows XP and Windows NT 4.0 > computers that have not been patched are vulnerable to attack from the > automated worm, or manual attack. X-Force believes that hundreds of > thousands of computers may still be vulnerable. Unsuccessful propagation > attempts may crash vulnerable computers, or render them unstable. > Successful worm outbreaks have been known to cause significant localized > network latency, and widespread denial of service. > > For the complete ISS X-Force Security Alert, please visit: > http://xforce.iss.net/xforce/alerts/id/150 > > ______ > > About Internet Security Systems (ISS) > Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a > pioneer and world leader in software and services that protect critical > online resources from an ever-changing spectrum of threats and misuse. > Internet Security Systems is headquartered in Atlanta, GA, with > additional operations throughout the Americas, Asia, Australia, Europe > and the Middle East. > > Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved > worldwide. > > Permission is hereby granted for the electronic redistribution of this > document. It is not to be edited or altered in any way without the > express written consent of the Internet Security Systems X-Force. If you > wish to reprint the whole or any part of this document in any other > medium excluding electronic media, please email [EMAIL PROTECTED] for > permission. > > Disclaimer: The information within this paper may change without notice. > Use of this information constitutes acceptance for use in an AS IS > condition. There are NO warranties, implied or otherwise, with regard to > this information or its use. Any use of this information is at the > user's risk. In no event shall the author/distributor (Internet Security > Systems X-Force) be held liable for any damages whatsoever arising out > of or in connection with the use or spread of this information. > X-Force PGP Key available on MIT's PGP key server and PGP.com's key server, > as well as at http://www.iss.net/security_center/sensitive.php > Please send suggestions, updates, and comments to: X-Force > [EMAIL PROTECTED] of Internet Security Systems, Inc. > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQCVAwUBPzgWTDRfJiV99eG9AQHkdAP7BPhuanDAaLYanBfNnNIdA/KnxATeElA9 > Xa9Udl/mEXG6Qvzd0t0UzVRWiACmJ69DXoM6FNwER0eOJ+pCDYmydPfMKLxGfNSo > VvI3K9xpvpNCY3VS5OsHIn85Gjiy0tmRByR1SMV7gNJOBmcX4kRXNiJGxi1WLzq/ > pCTkGUzayAQ= > =kUpi > -----END PGP SIGNATURE----- >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html