Re: Command Line RPC vulnerability scanner?


Welcome to the Virus.Org Mailing List Archive

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

To: [EMAIL PROTECTED]
Subject: Re: Command Line RPC vulnerability scanner?
From: Thorsten Holz <[EMAIL PROTECTED]>
Date: Mon, 04 Aug 2003 20:47:23 +0200
In-reply-to: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>

On Mon Aug  4 11:08:42 2003 Jay Woody wrote:

> I have seen 135, 137, 139, 445, 80/443 (any IIS box with COM Internet
> Services installed is what [EMAIL PROTECTED] reported) and also
> according to [EMAIL PROTECTED] any machine that has RPC over HTTP is
> exploitable on 593 tcp/udp as well.  I could swear that I even
> remember seeing 4444 in one person's e-mail now, but I can't find it
> to attribute it.  Sorry.

dcom.c binds a shell on port 4444 - probably you saw this email...

Just my 2 cent,
  Thorsten

Attachment: pgpZvyivE84T5.pgp
Description: PGP signature

References:
- RE: Command Line RPC vulnerability scanner?
  - From: Jay Woody

Prev by Date: RE: WORM_MIMAIL.A Anyone have any info on what this does yet?
Next by Date: Re: WORM_MIMAIL.A Anyone have any info on what this does yet?
Previous by thread: RE: Command Line RPC vulnerability scanner?
Next by thread: Re: Scan of TCP 552-554
Index(es):
- Main
- Thread

Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.