MS01-022 not in MDAC 2.7 SP1

• Previous message: GreyMagic Software: "Sniffing Opera's Tracks (GM#006-OP)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Tue, 28 Jan 2003 12:23:23 -0500
From: "Carl R. Diliberto" <cdiliberto@HOTMAIL.COM>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Is it just me, or did Microsoft not include the WebDAV update (MS01-022) in
MDAC 2.7 SP1 redistributable? I noticed that XP is not vulnerable, but even
a W2K Server with SP3, XML 4.0 SP1, and MDAC 2.7 SP1 is still vulnerable to
at least this exploit?

I am trying to write some outlines on securing Windows Boxes and noticed
that this old update was missing thanks to MSBA 1.1 not being able to verify
it....

I wonder about MS02-008, MS02-053, and MS02-065???

Anyone else run into this?

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by TruSecure Corporation
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
TICSA - Anniversary Special - Limited Time

Become TICSA certified for just $221.25 US when you register before 3/31/03
with PROMO "TS0103" at www.2test.com. NO membership fees, certification
good for 2 years. Price for international delivery just $296.25 US, with
this offer. Offer cannot be combined with any other special and expires
3/31/03. Visit www.trusecure.com/ticsa for full details.

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

• Next message: Clive Flint: "MSIEXEC problem with long user names"
• Previous message: GreyMagic Software: "Sniffing Opera's Tracks (GM#006-OP)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]