Exploit code can be found here: http://www.securitylab.ru/40754.html
This code work with all security fixes. It's very dangerous. ----- Original Message ----- From: "3APA3A" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, October 10, 2003 6:48 PM Subject: Bad news on RPC DCOM vulnerability > Dear [EMAIL PROTECTED], > > There are few bad news on RPC DCOM vulnerability: > > 1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is > again actual. > 2. It was reported by exploit author (and confirmed), Windows XP SP1 > with all security fixes installed still vulnerable to variant of the > same bug. Windows 2000/2003 was not tested. For a while only DoS exploit > exists, but code execution is probably possible. Technical details are > sent to Microsoft, waiting for confirmation. > > Dear ISPs. Please instruct you customers to use personal fireWALL in > Windows XP. > > -- > http://www.security.nnov.ru > /\_/\ > { , . } |\ > +--oQQo->{ ^ }<-----+ \ > | ZARAZA U 3APA3A } > +-------------o66o--+ / > |/ > You know my name - look up my number (The Beatles) > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html