RE: new unknown ms problem...

From: Eijden, Joris van (Joris.vanEijden@corp.vizzavi.net)
Date: 09/10/02


From: "Eijden, Joris van" <Joris.vanEijden@corp.vizzavi.net>
To: "'stillio@netscape.net'" <stillio@netscape.net>, focus-ms@securityfocus.com
Date: Tue, 10 Sep 2002 09:26:14 +0100

Why would this be a new security problem ?
Looks to me like some people are just systematically planting a standard
hack package on systems with no or weak admin passwords. Nothing new there.

From the bulletin:

Attack Vectors
Analysis to date indicates that the attackers appear to have gained entry to
the systems by using weak or blank administrator passwords. Microsoft has no
evidence to suggest that any heretofore unknown security vulnerabilities
have been used in the attacks.

Joris van Eijden

-----Original Message-----
From: stillio@netscape.net [mailto:stillio@netscape.net]
Sent: vrijdag 6 september 2002 20:20
To: focus-ms@securityfocus.com
Subject: new unknown ms problem...

Has anyone heard of the new MS security problem...?

Here is the link:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328691

__________________________________________________________________
The NEW Netscape 7.0 browser is now available. Upgrade now!
http://channels.netscape.com/ns/browsers/download.jsp

Get your own FREE, personal Netscape Mail account today at
http://webmail.netscape.com/

**********************************************************************
This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail: to do so could be a breach of confidence. Please notify us immediately by reply e-mail and then delete this e-mail from your system. Please contact our IT Helpdesk on +44 (0)20 7212 0000 or e-mail ukithelpdesk@corp.vizzavi.net if you need assistance.

E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message that arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments.

This e-mail has been sent through the e-mail gateway of Vizzavi Europe Limited ("VEL") on its own account or on behalf of and for the benefit of other Vizzavi group companies who use this facility from time to time.

VEL Registered office - 80 Strand London WC2R ORJ England. Registered in England No. 04064873

For this message in Dutch, French, German, Greek, Italian, Portuguese and Spanish, click on http://www.corp.vizzavi.net/disclaimer/

Visit Vizzavi at: http://www.vizzavi.net/

This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************



Relevant Pages

  • [Full-disclosure] Raising Robot Criminals
    ... identity theft and robot-driven attack propagation. ... security as well as on Sql Injection, this text is not yet another one. ... security numbers - are opened for remote penetration. ...
    (Full-Disclosure)
  • [Full-disclosure] STEP Security
    ... Internet-Drafts are working documents of the Internet Engineering ... security in otherwise insecure environments. ... APT (Another Possible Threat) ... of a cyber attack before more terabytes of data are exfiltrated from ...
    (Full-Disclosure)
  • =?windows-1252?Q?Re=3A_Lahore=2DTerror_Attacks=3A_RAW=92s_Guerilla_Warfare?=
    ... security forces have been martyred in foiling three separate terrorist ... attacks by killing 9 terrorists at FIA Building, ... suicide attack in Kohat. ... been waging a guerilla warfare in Pakistan through its well-trained ...
    (sci.military.naval)
  • [NT] DCE RPC Vulnerabilities New Attack Vectors Analysis
    ... Get your security news from a reliable source. ... These new attack methods were found while researching exploitation ... They might also apply to other vulnerabilities such as the DCE RPC DCOM ...
    (Securiteam)
  • << Small Biz Server news this week - June 18, 2004 >>>
    ... The monthly Executive Circle Security Webcast with Mike Nash, ... IP phones can create network security risk ... The biggest of the headaches was Tuesday's attack ... Akamai now says it was targeted by DDoS attack ...
    (microsoft.public.windows.server.sbs)