[thelist] When Microsoft admits its an extremely serious vuln erability

Judah McAuley judah@alphashop.com
Tue May 1 15:57:47 2001

Previous message: [thelist] When Microsoft admits its an extremely serious vuln erability
Next message: [thelist] When Microsoft admits its an extremely serious vuln erability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Eeye are the folks who discovered this hole.  Just your basic buffer 
overrun.  Eeye has a tool that automates the discovery of these sorts of 
buffer overrun conditions.  You would think that Microsoft would use a 
similar tool...

Original advisory: http://www.eeye.com/html/Research/Advisories/AD20010501.html

<tip type="NT Security" author="Judah McAuley">
         If you want a relatively low volume, moderated mailing list to 
keep abreast of NT/2000 security breeches, I recommend NTBugTraq.
         http://www.ntbugtraq.com/
</tip>

At 01:41 PM 5/1/01 -0700, you wrote:
>Here's a couple of other links that might be beneficial...
>
>Never used the product, just read about it....
>
>         http://www.eeye.com/SecureIIS
>
>IIS 5.0 Security Checklist
>
>         http://www.microsoft.com/technet/security/iis5chk.asp
>
>The High Security template provided in the checklist
>
>         http://www.microsoft.com/technet/security/tools.asp
>---
>Anthony Baratta
>President
>Keyboard Jockeys
>
>
>---------------------------------------
>For unsubscribe and other options, including
>the Tip Harvester and archive of TheList go to:
>http://lists.evolt.org Workers of the Web, evolt !

Previous message: [thelist] When Microsoft admits its an extremely serious vuln erability
Next message: [thelist] When Microsoft admits its an extremely serious vuln erability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]