Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > RPC Vulnerability Info Here

Reply
Thread Tools

RPC Vulnerability Info Here

 
 
PseUDO
Guest
Posts: n/a
 
      08-12-2003
From Neowin's website:

Tonight another round of internet shutdowns has resulted in worried and
confused users of Windows 2000/XP and Windows Server 2003.

Please remember to patch your system and check to make sure your firewall is
blocking any kind of attack to any of your systems.

W32.Blaster.Worm is a worm that will exploit the DCOM RPC
vulnerability(described in Microsoft Security Bulletin MS03-026) using TCP
port 135. It will attempt to download and run a file, msblast.exe.

User's should block access to TCP port 4444 at the firewall level. User's
should also block the following ports, if they do not use applicaitons
listed:

TCP Port 135, "DCOM RPC"
UDP Port 69, "TFTP"

````````````````

From Symantec's website:

Based on the number of submissions received from customers and based on
information from the Symantec's Deepsight Threat Management System, Symantec
Security Response has upgraded this threat to a Category 4 from a Category 3
threat.

W32.Blaster.Worm is a worm that will exploit the DCOM RPC vulnerability
(described in Microsoft Security Bulletin MS03-026) using TCP port 135. This
worm will attempt to download and run the Msblast.exe file.

Block access to TCP port 4444 at the firewall level, and then block the
following ports, if they do not use the applications listed:


a.. TCP Port 135, "DCOM RPC"
b.. UDP Port 69, "TFTP"
The worm also attempts to perform a Denial of Service (DoS) on
windowsupdate.com. This is an attempt to prevent you from applying a patch
on your computer against the DCOM RPC vulnerability.

http://securityresponse.symantec.com...oval.tool.html

W32.Blaster.Worm Removal Tool

If your infected use removal tool to remove infection , then apply
Microsofts patch IMEDIATELY from here

http://www.microsoft.com/technet/tre...n/MS03-026.asp

PseUDO


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Python script xml-rpc to C# xml-rpc script Ymtrader Python 1 03-15-2011 03:20 PM
rpc (not xml-rpc) Vladimir Konrad Ruby 5 09-03-2005 02:18 PM
XML RPC to ONC XDR RPC Pere Montolio XML 0 08-11-2004 08:47 AM
Ruby and Sun-RPC or ONC-RPC ? Shirish Joshi Ruby 0 04-07-2004 10:12 AM
Re: RPC vulnerability for 9x/ME, too. Boomer Computer Support 24 08-18-2003 03:49 AM



Advertisments