NT/W2K Source leak

• Previous message: James Guse: "Re: MS announces change in IE behavior"
• Next in thread: Russ: "Re: NT/W2K Source leak"
• Maybe reply: Russ: "Re: NT/W2K Source leak"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Fri, 13 Feb 2004 12:30:46 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

1. NT source is NT 4.0 SP3, contains 27000+ files (658MB). It is all NT
4.0 Server except IIS, includes IE 4. No references to Mainsoft (see
http://www.eweek.com/article2/0,4149,1526830,00.asp.)

2. W2K is SP1, a very small subset, IE 5, SNMP, PKI, networking and some
SDK stuff. 28000+ files (338MB - although many of these are empty mail
messages and other crap.) Does contain 3 references to MainSoft. Much of
what is there is available elsewhere.

MS confirmed the leak at;

http://www.microsoft.com/presspass/press/2004/Feb04/02-12windowssource.a
sp

I'd be very surprised if this leak results in any significant new risk.
Given how hard people have pounded away at the binaries in the past,
pouring over 55,000 source file to find something new in old versions
will likely/hopefully be a very unfulfilling task.

Cheers,
Russ - NTBugtraq Editor

-----
NTBugtraq Editor's Note:

Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
-----

• Previous message: James Guse: "Re: MS announces change in IE behavior"
• Next in thread: Russ: "Re: NT/W2K Source leak"
• Maybe reply: Russ: "Re: NT/W2K Source leak"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: menus in JS or CSS - pros? cons? ... So in theory, attaching event handlers to ... The theory that says 'all circular references including DOM nodes causes ... but it does not identify all leak scenarios. ... (comp.lang.javascript) Re: Memory leak in aspnet_wp.exe ... http://www.red-gate.com/code_profiling.htm (14 day free trial ought to be ... First you need to figure out if this is a managed or unmanaged leak. ... references to the same object all over the place (utility classes can often ... It did not send any responses for pending requests in ... (microsoft.public.dotnet.framework.aspnet) Re: [Full-Disclosure] Windows 2000 Source Leak Verified. Get ready for the havoc. ... Indeed -- there are some public domain references (from folk who should ... "leaked" .ZIPs show that there is quite a bit of cruft included (.EML ... NT 4.0 Server except IIS, ... No references to Mainsoft ... (Full-Disclosure) Re: how to overcome "java.lang.OutOfMemory" Error ... A profiler can help identify where the leak is. ... The solution is to use "temporary" variables that go out of scope as the only references to such objects. ... Avoid static and collection references to objects that need to go away. ... If your algorithm simply demands gigabytes of data, either you are going to have to stripe the algorithm or buy more RAM. ... (comp.lang.java.programmer) Re: Is garbage collection here yet? ... memory leaks ... creating references. ... if I create a hashtable then the keys ... this is not a leak, ... (comp.lang.tcl)