In-Reply-To: <1155962754.20031010184852@SECURITY.NNOV.RU> as confirmed by 3APA3A and security labs, it seems that the public exploit *works* even if the patch MS03-039 is *installed* This is a highly critical vulnerability - users MUST block vulnerable ports ! Regards. K-OTik Staff /\\/ http://wwww.k-otik.com >From: 3APA3A <3APA3A@SECURITY.NNOV.RU> > >Dear bugtraq@securityfocus.com, > >There are few bad news on RPC DCOM vulnerability: > >1. Universal exploit for MS03-039 exists in-the-wild, PINK FLOYD is >again actual. >2. It was reported by exploit author (and confirmed), Windows XP SP1 >with all security fixes installed still vulnerable to variant of the >same bug. Windows 2000/2003 was not tested. For a while only DoS exploit >exists, but code execution is probably possible. Technical details are >sent to Microsoft, waiting for confirmation. > >Dear ISPs. Please instruct you customers to use personal fireWALL in >Windows XP.
