I
Issac Medina
This was sent to microsoft without success!
London, Saturday 16-Aug-2003, 11:30am
Dear Sir, Madam;
Microsoft latest DCOM RPC vulnerability can hit again with
a non relevant utility Microsoft corporation has published.
Microsoft has published a network scanning utility that
allow network administrators as well as hackers, crackers
and other script kiddies to do the following: "The
KB823980scan.exe tool can scan remote host computers
without requiring authentication (that is, you do not have
to supply valid credentials on the remote host computer).
Use of the KB823980scan.exe tool does not affect the
stability of the target operating system that is
scanned.",http://support.microsoft.com/default.aspx?scid=kb;en-us;826369.
By using this scanning tool we've found out that non
authorized personnel can locate hosts that are vulnerable
to the worm and attack them directly, eliminating the need
of scanning entire networks.
Since Microsoft Corporation doesn't allow our browsers
(which are NOT Microsoft products) to access and find a way
to communicate with their "Report a Security Vulnerability"
web page
(https://www.microsoft.com/technet/treeview/default.asp?url=/Technet/security/bulletin/alertus.asp)
by e-mail, we have decided to submit our SPECIAL and urgent
report to you immediately.
Please feel free to contact us for more information and
comments.
Best Regards,
Issac Medina
Co-Founder
Netcom Ltd.
Core Securities Division
United Kingdom
"If there is a way in, we'll find it!"
London, Saturday 16-Aug-2003, 11:30am
Dear Sir, Madam;
Microsoft latest DCOM RPC vulnerability can hit again with
a non relevant utility Microsoft corporation has published.
Microsoft has published a network scanning utility that
allow network administrators as well as hackers, crackers
and other script kiddies to do the following: "The
KB823980scan.exe tool can scan remote host computers
without requiring authentication (that is, you do not have
to supply valid credentials on the remote host computer).
Use of the KB823980scan.exe tool does not affect the
stability of the target operating system that is
scanned.",http://support.microsoft.com/default.aspx?scid=kb;en-us;826369.
By using this scanning tool we've found out that non
authorized personnel can locate hosts that are vulnerable
to the worm and attack them directly, eliminating the need
of scanning entire networks.
Since Microsoft Corporation doesn't allow our browsers
(which are NOT Microsoft products) to access and find a way
to communicate with their "Report a Security Vulnerability"
web page
(https://www.microsoft.com/technet/treeview/default.asp?url=/Technet/security/bulletin/alertus.asp)
by e-mail, we have decided to submit our SPECIAL and urgent
report to you immediately.
Please feel free to contact us for more information and
comments.
Best Regards,
Issac Medina
Co-Founder
Netcom Ltd.
Core Securities Division
United Kingdom
"If there is a way in, we'll find it!"