MSBLAST virus portable to Linux?
From: Mats (spamenot.mog.pettersson_at_telia.com)
Date: 08/13/03
- Next message: ishwar: "cdrecord and file-names questions.."
- Previous message: Xyerp: "Re: reading files line by line & getting user input"
- Next in thread: Robert Heller: "Re: MSBLAST virus portable to Linux?"
- Reply: Robert Heller: "Re: MSBLAST virus portable to Linux?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 13 Aug 2003 18:42:10 GMT
Since the MSBLAST virus uses an exploit in Windows RPC which is drived from
the OSF protocol (Open Software Foundation), is there any risk of getting a
virus ported to Linux/*NIX systems or is the exploit only in available in
the MS Windows binary? I mean, they might have *borrowed* some OSF code?
I quote Microsoft below:
----8<---
Remote Procedure Call (RPC) is a protocol used by the Windows
operating system. RPC provides an inter-process communication
mechanism that allows a program running on one computer to
seamlessly execute code on a remote system. The protocol itself
is derived from the OSF (Open Software Foundation) RPC protocol,
but with the addition of some Microsoft specific extensions.
There is a vulnerability in the part of RPC that deals with
message exchange over TCP/IP. The failure results because of
incorrect handling of malformed messages. This particular
vulnerability affects a Distributed Component Object Model (DCOM)
interface with RPC, which listens on TCP/IP port 135. This
interface handles DCOM object activation requests sent by client
machines (such as Universal Naming Convention (UNC) paths) to the
server.
---8<---
- Next message: ishwar: "cdrecord and file-names questions.."
- Previous message: Xyerp: "Re: reading files line by line & getting user input"
- Next in thread: Robert Heller: "Re: MSBLAST virus portable to Linux?"
- Reply: Robert Heller: "Re: MSBLAST virus portable to Linux?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
