Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


RE: [Fwd: [EXPLOIT] Microsoft IIS SSL Remote Denial of Service Ex ploit (MS04-011)]
.

  • To: "Patch Management Mailing List" <[EMAIL PROTECTED]>
  • Subject: RE: [Fwd: [EXPLOIT] Microsoft IIS SSL Remote Denial of Service Ex ploit (MS04-011)]
  • From: "Davis, Matt" <[EMAIL PROTECTED]>
  • Date: Wed, 14 Apr 2004 12:11:43 -0500
  • Cc: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
  • Reply-to: "Patch Management Mailing List" <[EMAIL PROTECTED]>
.
 
[Moderator's Note: Closing this thread unless we move back to patch-focused discussion.]


It was actually released to the Full Disclosure list a few hours ago.
Credit should go to 21sec.com, not K-oTiK.... 

At least its not remote execute exploit code.

Does anyone have any Snort signatures based off of this yet?

Matt Davis, MCSE:  Security
Client Server Business Support
309-821-6288 (P) / 309-821-5800 (F)
COUNTRY Insurance & Financial Services
1711 G.E. Road, Bloomington, IL 61702
www.countryfinancial.com


-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 14, 2004 11:54 AM
To: Patch Management Mailing List
Subject: [Fwd: [EXPLOIT] Microsoft IIS SSL Remote Denial of Service
Exploit (MS04-011)]


You may want to evaluate some of the patches from yesterday and put them 
on a fast track for patching [i.e. those web servers and outward facing 
devices for example]

Our dear friends at K-oTiK have just posted exploit code for 04-011.

Susan


-------- Original Message --------
Subject: 	[EXPLOIT] Microsoft IIS SSL Remote Denial of Service Exploit

(MS04-011)
Date: 	Wed, 14 Apr 2004 18:39:18 +0200 (CEST)
From: 	K-OTik Security <[EMAIL PROTECTED]>
To: 	[EMAIL PROTECTED]



----------------------------------------------------------------------
                    K-OTiK Security / Exploits
----------------------------------------------------------------------

14.04.2004 : MS IIS SSL Remote Denial of Service Exploit (MS04-011)
----------

/*
* Microsoft SSL Remote Denial of Service
* MS04-011
*
* Tested succesfully against IIS 5.0 with SSL.
*
* David Barroso Berrueta
* Alfredo Andres Omella
*
*/


http://www.k-otik.com/exploits/04142004.sslbomb.c.php

----------------------------------------------------------------------
----------------------------------------------------------------------



-- 
http://www.sbslinks.com/really.htm



---
To unsubscribe send a blank email to
[EMAIL PROTECTED]

---
To unsubscribe send a blank email to [EMAIL PROTECTED]
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.