Here it comes: MS05-051 exploit info and rumors

["Fergie (Paul Ferguson)" <fergdawg () netzero net>]

Via the SANS Internet Storm Center's Daily Handler's Diary.

[snip]

Patch yesterday folks. So far we're aware that an MS05-051 exploit is in the hands of immunitysec Canvas customers - 
"October 11, 2005: MS05-051 (MS DTC) Trigger for the bug in MS DTC on Windows 2000"

In addition we're seeing reports of non-specific exploit warnings from managed security service providers to their 
customers. And some rumors.

McAfee Vulnerability Information says that they have protection against exploits of MS Vulnerability MS05-051, 
"Entercept's Generic Buffer Overflow Protection protects against code execution that may result from exploiting this 
vulnerability."

ISS says they have protection out for an exploit, it's announcement is here.

Here's some pre-vuln announcement facts, see the DShield data on Port 3372 scanning, ymmv.

We'll post anything else that's specific and critical when we get it.

[snip]

http://isc.sans.org/diary.php?storyid=759

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.