Network Security: Detailed info on Re: [Full-disclosure] NT4 worm

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] NT4 worm

from [H D Moore] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] NT4 worm
Date:	Wed, 30 Aug 2006 14:29:57 -0500

The exploit for NT 4.0 is *exactly* the same packet as the one you would 
also use on Windows 2000. I am suprised that this is considered a "NT 4" 
worm and not a "Windows 2000 (+NT 4.0)" worm. Is something specific about 
the exploit they use that prevents it from working on Windows 2000?

-HD

On Wednesday 30 August 2006 10:11, Juha-Matti Laurio wrote:

Are the machines you have experience especially NT4.0 machines?
It appears that one of the PoC's (public on Monday 28th Aug) lists the
following information: "Systems Affected:
*  Microsoft Windows 2000 SP0-SP4
*  Microsoft Windows XP SP0-SP1
*  Microsoft Windows NT 4.0"

but reportedly it is tested against XPSP1 and W2KSP4 systems.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Full-disclosure] NT4 worm, Juha-Matti Laurio RE: [Full-disclosure] NT4 worm, Geo. Re: [Full-disclosure] NT4 worm, H D Moore <= Re: [Full-disclosure] NT4 worm, Juha-Matti Laurio Re: [Full-disclosure] NT4 worm, Juha-Matti Laurio Re: [Full-disclosure] NT4 worm, Juha-Matti Laurio

Previous by Date:	Re: [Full-disclosure] The current state of play, b . hines
Next by Date:	[Full-disclosure] php poc exploit for osCommerce <= 2.2 Milestone 2 060817 vuln found by gulftech, s1024 aa
Previous by Thread:	RE: [Full-disclosure] NT4 worm, Geo.
Next by Thread:	Re: [Full-disclosure] NT4 worm, Juha-Matti Laurio
Indexes:	[Date] [Thread] [Top] [All Lists]