Re: Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV000126)

2000-02-01 Thread Mnemonix
From: "John D. Hardin" [EMAIL PROTECTED] On Fri, 28 Jan 2000, Mnemonix wrote: I apply the patch from Microsoft and it doesn't change the problem. I test this after and the problem is the same *** WARNING Even if you have no .htw files on your system you're probabl

Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV000126)

2000-01-27 Thread Mnemonix
Cerberus Information Security Advisory (CISADV000126) http://www.cerberus-infosec.co.uk/advisories.html Released : 26th January 2000 Name : Webhits.dll buffer truncation Affected Systems: Microsoft Windows NT 4 running Internet Information Server 4 All service

ANNOUNCE: CIS 5.0.0

2000-01-27 Thread Mnemonix
Cerberus Information Security, Ltd would like to announce the next version of our CIS vulnerability scanner. CIS, which runs on Windows NT or 2000, now has a graphical user interface and has become multi-threaded, considerably reducing the length of time required to scan a host. The scan modules

Re: Local user can fool another to run executable. .CNT/.GID/.HLP M$WINNT

1999-12-08 Thread Mnemonix
- Original Message - From: "Pauli Ojanpera" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, December 07, 1999 8:55 AM Subject: Local user can fool another to run executable. .CNT/.GID/.HLP M$WINNT Windows help system uses a HELPFILE.CNT file as table of contents metafile for

NTInfoScan (now aka Cerberus Internet Scanner) has been updated

1999-11-29 Thread Mnemonix
Finally NTInfoScan has been updated though what's even better is that it is no longer NT specific - it'll root out holes in UNIX systems now too and much more functionality and checking has been added. Oh, and it's now been reborn as the Cerberus Internet Scanner or CIS for short. Checks for

Oracle Web Listener

1999-11-25 Thread Mnemonix
Oracle_Web_listener2.1/1.20in2 on Solaris was tested. More recent and earlier versions may also be affected but that's not known yet. Anybody with access to such versions it - could you check? TIA Cheers, David Litchfield http://www.infowar.co.uk/mnemonix/ Cerberus Information Security

Re: WordPad/riched20.dll buffer overflow

1999-11-23 Thread Mnemonix
- Original Message - From: "Thomas Dullien" [EMAIL PROTECTED] To: [EMAIL PROTECTED]; "Mnemonix" [EMAIL PROTECTED] Sent: Tuesday, November 23, 1999 12:53 PM Subject: Re: [BUGTRAQ] WordPad/riched20.dll buffer overflow On Sat, 20 Nov 1999 00:43:26 -

Re: WordPad/riched20.dll buffer overflow

1999-11-22 Thread Mnemonix
l have to be cunning. On Win2K there is not this problem. For both OSs from the ESP you'll get around 152 bytes of room to put your exploit code in. For anyone interested in NT buffer overruns some useful docs on the subject can be found at http://www.infowar.co.uk/mnemonix Cheers, David Litchfield

FormHandler.cgi

1999-11-12 Thread Mnemonix
sensitive files like /etc/passwd by modifying a site's form and submitting it. Cheers, David Litchfield http://www.infowar.co.uk/mnemonix/ Cerberus Information Security +44(0)181 661 7405

WU-FTPD

1999-11-12 Thread Mnemonix
with a high degree of certainty that they're dealing with a specific platform. Cheers, David Litchfield http://www.infowar.co.uk/mnemonix/ Cerberus Information Security +44(0)181 661 7405

Re: Netscape Web Publisher

1999-11-08 Thread Mnemonix
- Original Message - From: Tim Jones [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, November 07, 1999 3:01 AM Subject: Netscape Web Publisher This is not a HOLE. By default (I think) Netscape-Enterprise/3.5.1I installs A LOT of shit that you will never need or use. But like

Protected Storage Service on Windows 2000 (Beta 3)

1999-09-10 Thread Mnemonix
on a drive and then clicking on properties appears to do nothing. Nothing that is until you log off. There on the Ctrl + Alt + Del logon screen is the drive's properties. Cheers, David Litchfield http://www.arca.com http://www.infowar.co.uk/mnemonix

Not a Windows 2000 backdoor anymore

1999-09-10 Thread Mnemonix
Okay - after having spoken to Scott Culp at Microsoft the issue detailed in the e-mail entitled "A real windows 2000 backdoor" has since been fixed in the most recent version of Windows 2000. An Admin account is no longer created. However the starting of the telnet server is still an issue but MS

A real Windows 2000 Backdoor?

1999-09-09 Thread Mnemonix
use this door you can bet the script-kiddiez will be all over this one. Connect a Windows 2000 Professional machine to the Internet? No thanks. Cheers, David Litchfield http://www.arca.com http://www.infowar.co.uk/mnemonix/