Re: Alert: MS03-019, Microsoft... wrong, again.

From: Marc Maiffret (marc_at_EEYE.COM)
Date: 05/29/03

    Date:         Wed, 28 May 2003 16:55:02 -0700
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Microsoft is wrong and misleading customers in this advisory. This Windows
    Media Service vulnerability is exploitable, as confirmed in the labs at
    eEye, and by the discoverer of this vulnerability, Brett Moore.

    I am not sure why Microsoft misidentified this vulnerability... maybe it is
    just a typo, maybe it's a lack of technical know-how. Either way they need to
    re-release this advisory so that the correct information is given to
    customers.

    There is a big difference in telling customers "Ahh it's a denial of service,
    and your web server will automatically restart" compared to the reality of
    the situation "If you're running Windows Media Services on IIS, attackers can
    spawn a remote shell 'command prompt' on your vulnerable system."

    Brett Moore, the researcher that discovered this flaw, is going to be
    releasing an advisory soon with more details on the how and why.

    Not sure how you can have "Trust"worthy Computing when you're misinforming
    customers on a regular basis or releasing patches that disable their
    Internet access. :-o

    For those technically inclined... supposedly MS thinks controlling ecx and
    eax on a mov [ecx],eax is not exploitable, just a DoS. hah

    Signed,
    Marc Maiffret
    Chief Hacking Officer
    eEye Digital Security
    T.949.349.9062
    F.949.349.9538
    http://eEye.com/Retina - Network Security Scanner
    http://eEye.com/Iris - Network Traffic Analyzer
    http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

    P.S. U.S. drinking team still rulez N.Z. >:-]

    | -----Original Message-----
    | From: Windows NTBugtraq Mailing List
    | [mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM]On Behalf Of Russ
    | Sent: Wednesday, May 28, 2003 10:30 AM
    | To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    | Subject: Alert: Microsoft Security Bulletin - MS03-019
    |
    |
    | http://www.microsoft.com/technet/security/bulletin/MS03-019.asp
    |
    | Flaw in ISAPI Extension for Windows Media Services Could Cause
    | Denial of Service (817772)
    |
    | Originally posted: May 28, 2003
    |
    | Summary
    |
    | Who should read this bulletin: System administrators running
    | Microsoft® Windows NT 4.0 or Microsoft Windows 2000
    |
    | Impact of vulnerability: Denial of Service
    |
    | Maximum Severity Rating: Moderate
    |
    | Recommendation: System administrators install the patch at the
    | earliest available opportunity.
    |
    | Affected Software:
    | - Microsoft Windows NT 4.0
    | - Microsoft Windows 2000
    |
    | Non Affected Software:
    | - Microsoft Windows XP
    | - Microsoft Windows Server 2003
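
The message's closing technical point, a faulting `mov [ecx],eax` where the request controls both registers, is what crash triage looks for when deciding whether a bug is more than a denial of service. The sketch below is an added example, not code from the original post, eEye or Microsoft: it rates a faulting store by checking whether the destination and source register values can be found in the request bytes. The request, the crash records and the rating names are constructed for the illustration.

```python
import re

# Register-indirect store in Intel syntax, e.g. "mov [ecx],eax".
STORE_RE = re.compile(r"mov\s+(?:dword ptr\s+)?\[(e[a-z]{2})\]\s*,\s*(e[a-z]{2})\b", re.I)

def input_offset(value, data):
    """Offset at which a 32-bit register value (little-endian) occurs in the input, else None."""
    idx = data.find(value.to_bytes(4, "little"))
    return idx if idx >= 0 else None

def triage(instruction, regs, data):
    """Rate a faulting store by how much of it the request controls."""
    m = STORE_RE.search(instruction)
    if m is None:
        return {"rating": "UNKNOWN", "dst_offset": None, "src_offset": None}
    dst, src = m.group(1).lower(), m.group(2).lower()
    dst_off = input_offset(regs[dst], data)   # where the write lands
    src_off = input_offset(regs[src], data)   # what gets written
    if dst_off is not None and src_off is not None:
        rating = "EXPLOITABLE"            # address and value both come from the request
    elif dst_off is not None:
        rating = "PROBABLY_EXPLOITABLE"   # address from the request, value fixed
    else:
        rating = "PROBABLY_DOS"           # fault at an address the sender does not control
    return {"rating": rating, "dst_offset": dst_off, "src_offset": src_off}

# Constructed test input: every 4-byte window is unique, so an offset identifies
# exactly which part of the request reached a register.
REQUEST = b"field=" + bytes(range(0x30, 0x70))

# Constructed crash records (register values at the faulting instruction).
CRASHES = {
    "both_controlled": ("mov [ecx],eax", {"ecx": 0x43424140, "eax": 0x53525150}),
    "addr_controlled": ("mov [ecx],eax", {"ecx": 0x43424140, "eax": 0x00000001}),
    "null_deref":      ("mov [ecx],eax", {"ecx": 0x00000000, "eax": 0x00000001}),
}

def triage_all():
    return {name: triage(ins, regs, REQUEST) for name, (ins, regs) in CRASHES.items()}

if __name__ == "__main__":
    for name, result in triage_all().items():
        print(name, result)
```

The rating is a heuristic: a register value found in the input shows control at the moment of the fault, and a bulletin's severity should be set from the highest rating any reproducing input produces.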


