Ok just released today a hole that could be as serious as CodeRed etc. Info about and link to patch how many does that make this year?
http://www.eeye.com/html/Research/Ad...D20010618.html
Printable View
Ok just released today a hole that could be as serious as CodeRed etc. Info about and link to patch how many does that make this year?
http://www.eeye.com/html/Research/Ad...D20010618.html
Hmm the article seems a bit old.. Did you add wrong url ??
Cut and paste From the link you provided.Quote:
Ok just released today a hole that could be as serious as CodeRed etc. Info about and link to patch how many does that make this year?
http://www.eeye.com/html/Research/Ad...D20010618.html
Quote:
All versions of Microsoft Internet Information Services Remote buffer overflow (SYSTEM Level Access)
Release Date:
June 18, 2001
Severity:
High (Remote SYSTEM level code execution)
Systems Affected:
Microsoft Windows NT 4.0 Internet Information Services 4.0
Microsoft Windows 2000 Internet Information Services 5.0
Microsoft Windows XP beta Internet Information Services 6.0 beta
Description:
There exists a remote buffer overflow vulnerability in all versions of Microsoft Internet Information Services (IIS) web server software.
Another Ida exploit. If you've not removed the ida isapi you deverve pretty much everything you get. See this tutorial for more information in which I cover removing ida isapi:
Securing an installation of IIS 4. (No, seriously)
Good find Palemoon - but <confusion>released today?</confusion> The Article is dated June 18, _2001_
My error on the link people, goes to show you anyone can have a Ueeee and one should not get on-line when ill. 5 Holes this week alone from MS, trustworthing computing...Me thinks Not sorry again for the error.
Are you going to post the correct link then?
Lets give it another sorry moving real s-l-o-w http://bvlive01.iss.net/issEn/delive...sp?id=advise95 should have a few bits of info on the some 30 flaws in M$ products to date. Funny how M$ places on their own site most of them as minor while most other sites rate them much more serious.
that one is posted from sept 2001.... ????
There are three threads in this forum with the information about the new security notifications MS sent out today. The IIS exploit is 02-028. I wonder what it is that is making palemoon so ill that he doesn't know what the date is.Quote:
/me sighs...........*m$, m$, m$, when will you learn, look at the security just as must as the smiley interface*
%example%: Windows XP, nice little purdy Fisher-Price interface (which I had to skin to a black setup just to be able to bear looking at it), and so many spyware/security holes it gives you a headache.........
bleah
from bugtraq
More info on the microsoft critical alert:
http://www.microsoft.com/technet/tre...n/MS02-027.asp
More info on the breakage: http://www.pivx.com/workaround_fail.html
This is a different problem. They released a fix and it broke more then if fixed. Sorry, didn't have time to start a new thread. I got to go to the dentist....