Full Disclosure mailing list archives

RE: MS03-039 has been released - critical


From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Wed, 10 Sep 2003 14:58:19 -0500

-----Original Message-----
From: Robert Ahnemann [mailto:rahnemann () affinity-mortgage com] 
Sent: Wednesday, September 10, 2003 1:31 PM
To: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] MS03-039 has been released - critical


I ran the test program (as linked by MS) to see if the 
network showed as patched.  I haven't patched any of the 
machines with the 039 code, but all are patched with the 026 
one (original one as of July 16th)  Does this exploit still 
work (as in leave a vuln) if we have patched 026? Might be a 
dumb question, but I bet other people are thinking it too.

I downloaded the MS scanner today and ran it against one 24.  It reports
the computers as "patched with KB823980", so it doesn't look like it's
testing for the new stuff yet.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Current thread: