Just letting you know that some *moron* posted a fully working exploit on the Full Disclosure mailing list for the latest RPC bug in Windows 2000. Making a worm out of it is trivial, better put some firewalls to block inbound DCE/RPC... :(
Posted on 2005-08-11 18:15:06 by QvasiModo
this is what the full-disclosure list is for though ...
Posted on 2005-08-11 18:55:25 by abc123
Funny how this is legally listed. True, opens jobs for admins and tech support, but the end-users are always at stake or even sacrificed.
Posted on 2005-08-11 20:15:11 by Ultrano

this is what the full-disclosure list is for though ...

They could have simply given the needed information. There was no need to post working code - it's actually less informational than a well written article.

Anyhow, it's not working on all service packs.
Posted on 2005-08-12 09:50:59 by QvasiModo
I'm generally against people posting working code, especially when the developers haven't had a reasonable amount of time to fix the bug. You could, I guess, see posting working code as applying pressure to the company if it hasn't fixed the bug within a couple of weeks. *shrug*. I still think giving all the details but no ready-to-compile source code would be better, though.
Posted on 2005-08-14 08:13:53 by f0dder