-
April 24th, 2002, 02:18 PM
#1
More Windows vulnerabilities
More windows vulnerabilities:
Source: http://www.securityspace.com
Title: Windows Terminal Service Enabled
ID: 10940
Category: Useless services
URL: http://www.securityspace.com/smysecu....html?id=10940
Summary: Connects to the remote terminal server
Description:
The Terminal Services are enabled on the remote host.
Terminal Services allow a Windows user to remotely obtain
a graphical login (and therefore act as a local user on the
remote host).
If an attacker gains a valid login and password, he may
be able to use this service to gain further access
on the remote host.
Solution : Disable the Terminal Services if you do not use them
Risk factor : Low
Title: IPSEC IKE check
ID: 10941
Category: Denial of Service
URL: http://www.securityspace.com/smysecu....html?id=10941
Summary: IPSEC IKE check
Description:
The remote IPSEC server seems to have a problem negotiating
bogus IKE requests.
An attacker may use this flaw to disable your VPN remotely
Solution: Contact your vendor for a patch
Risk factor: High
Title: Check for a Citrix server
ID: 10942
Category: Useless services
URL: http://www.securityspace.com/smysecu....html?id=10942
Summary: CITRIX check
Description:
A Citrix server is running on this machine.
Citrix servers allow a Windows user to remotely
obtain a graphical login (and therefore act as a local
user on the remote host).
If an attacker gains a valid login and password, he may
be able to use this service to gain further access on
the remote host
Solution: Disable this service if you do not use it. Also, make sure that the SECURE ICA option pack has been installed
Risk factor: Low
Title: Apache Remote Command Execution via .bat files
ID: 10938
Category: CGI abuses
URL: http://www.securityspace.com/smysecu....html?id=10938
Summary: Tests for presence of Apache Command Execution via .bat vulnerability
Description:
The Apache 2.0.x Win32 installation is shipped with a default script, /cgi-bin/test-cgi.bat, that allows an attacker to execute commands on the Apache server (although it is reported that any .bat file could open this vulnerability.)
An attacker can send a pipe character '|' with commands appended as parameters, which are then executed by Apache.
Solution:
This bug is fixed in 1.3.24 and 2.0.34-beta, or remove /cgi-bin/test-cgi.bat
Risk factor : High
-
April 24th, 2002, 06:41 PM
#2
Senior Member
Seems these would be better placed as "software vulnerabilities" for this version of "windows XP/2000/NT/98/95"
You have Apache and Citrix listed, but does it really relate to windows or the software running on windows?
-
April 24th, 2002, 07:38 PM
#3
Yep you are +/- right. It are no real windows vulnerabilities, only the first is
but knightmb if you read carefull you can see that it mentions for the last 2:
1) for Apache >>> Apache 2.0.x Win32
2) for Citrix >>> Citrix servers allow a Windows user to...
and for the other 2: I assume that "Windows Terminal Service Enabled" concerns windows... and that the VPN DoS concerns M$ users too
for some info how to setup up VPN on win boxes, visit: http://www.vpnlabs.org/vpn-categorie.../36/index.html
but you're right I had to use another thread title... sorry M$
-
April 26th, 2002, 08:01 PM
#4
Um.. a service functioning as designed is not a vulnerability, And term serv is not a default service. They might as well write up a vulnerability like this.
Title: Ctrl-Alt-Del
ID: 106969
Summary: Allows user to log in
Description:
Depressing control, alternate, and delete together allows an individual to login to the machine to which the keyboard is connected
If an attacker gains a valid login and password, he may
be able to use this service to gain further access
on the host.
Solution : Hide the power cord for your computer.
Risk factor : Low
That is just more of the MS sucks propaganda. Terminal server is an extremely useful tool when configured properly.
-
April 27th, 2002, 04:46 PM
#5
Ok mohaughn you have a point... this time I screwed up. It's not fair to blame M$ for everything. So for the second time I apologize.
You are right
Title: Wrong title or not objectif information
ID: 106970
Summary: Allows user to critize you
Description:
Posting a wrong title thread or information could cause problems with other users
If an attacker gains a valid argument he may be able to use this argument
to make further complaints.
Solution : Don't post when you are to tired
Risk factor : Low
-
April 27th, 2002, 05:21 PM
#6
Member
-
April 29th, 2002, 09:21 PM
#7
Senior Member
Originally posted here by mohaughn
Um.. a service functioning as designed is not a vulnerability, And term serv is not a default service. They might as well write up a vulnerability like this.
Title: Ctrl-Alt-Del
ID: 106969
Summary: Allows user to log in
Description:
Depressing control, alternate, and delete together allows an individual to login to the machine to which the keyboard is connected
If an attacker gains a valid login and password, he may
be able to use this service to gain further access
on the host.
Solution : Hide the power cord for your computer.
Risk factor : Low
That is just more of the MS sucks propaganda. Terminal server is an extremely useful tool when configured properly.
I have to admit, that's a good one. I've forwared it to a bunch of friends, so don't be surprised if you get spammed by it later on with the way the Internet works
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|