Windows 98 SE; Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-02-18 12:52 EST PORT STATE SERVICE 139/tcp open netbios-ssn 427/tcp open svrloc [root@dsg root]# ./MS04-007-dos 10.187.5.57 139 [root@dsg root]# nmap 10.187.5.57 Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-02-18 12:52 EST PORT STATE SERVICE 139/tcp open netbios-ssn -- Joshua Levitsky, MCSE, CISSP System Engineer http://www.foist.org/ [5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1] ----- Original Message ----- From: "WebHead" <webheadport80@yahoo.com> To: <bugtraq@securityfocus.com> Sent: Tuesday, February 17, 2004 12:38 AM Subject: Re: Microsoft ASN.1 (Half a sploit) > In-Reply-To: <20040215130958.17364.qmail@www.securityfocus.com> > > FYI... > > The DoS exploit for ms04-007 works successfully on WS03 /W2K3 and W2K AdvServer with SP3. > > WebHead > > > > >Received: (qmail 15182 invoked from network); 16 Feb 2004 16:42:00 -0000 > >Received: from outgoing3.securityfocus.com (205.206.231.27) > > by mail.securityfocus.com with SMTP; 16 Feb 2004 16:42:00 -0000 > >Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) > > by outgoing3.securityfocus.com (Postfix) with QMQP > > id 7F664A30D6; Mon, 16 Feb 2004 11:09:14 -0700 (MST) > >Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm > >Precedence: bulk > >List-Id: <bugtraq.list-id.securityfocus.com> > >List-Post: <mailto:bugtraq@securityfocus.com> > >List-Help: <mailto:bugtraq-help@securityfocus.com> > >List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> > >List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> > >Delivered-To: mailing list bugtraq@securityfocus.com > >Delivered-To: moderator for bugtraq@securityfocus.com > >Received: (qmail 20023 invoked from network); 15 Feb 2004 07:01:17 -0000 > >Date: 15 Feb 2004 13:09:58 -0000 > >Message-ID: <20040215130958.17364.qmail@www.securityfocus.com> > >Content-Type: text/plain > >Content-Disposition: inline > >Content-Transfer-Encoding: binary > >MIME-Version: 1.0 > >X-Mailer: MIME-tools 5.411 (Entity 5.404) > >From: K-OTiK Security <Special-Alerts@k-otik.com> > >To: bugtraq@securityfocus.com > >Subject: Re: Microsoft ASN.1 (Half a sploit) > > > >In-Reply-To: <200402132315.i1DNFYAa067379@mailserver1.hushmail.com> > > > >Note that the SANS said "This Exploit appears to work only against Windows 2000 Professional..." > > > >We say : works against Windows 2000 & Windows XP > > > >other versions ? 2k3 ? > > > >References > >http://www.k-otik.com/exploits/02.14.MS04-007-dos.c.php > >http://isc.sans.org/diary.html > > > >Regards. > >K-OTik Staff > >http://www.k-otik.com > > > > > > >
