HP3000-L Archives

May 2006, Week 4

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: OT: For Symantec Corporate AV Users
From:
Jeff Kell <[log in to unmask]>
Reply To:
Jeff Kell <[log in to unmask]>
Date:
Fri, 26 May 2006 09:25:04 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (12 lines) 
There aren't many details on the exploit at this point, but the
descriptions have said it is remotely exploitable on the client.  If
this is the case, I would suspect the attack vector to be using one of
the two cliient listening ports - udp/2967 or udp/38293.  If you're
paranoid, you might want to block these at the firewall.  I haven't seen
any activity on our sensors [yet].

Jeff

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2