RE: Microsoft Security Advisory MS 03-007
From: Kim Christiansen (kcn@carlbro.com)
Date: 03/18/03
- Previous message: Joseph Durnal: "Microsoft Security Advisory MS 03-007 - Problems"
- Maybe in reply to: Douglas R. Wilson: "Microsoft Security Advisory MS 03-007"
- Next in thread: Matthew Cole: "RE: Microsoft Security Advisory MS 03-007"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Kim Christiansen <kcn@carlbro.com> To: Focus-MS <focus-ms@securityfocus.com> Date: Tue, 18 Mar 2003 15:42:41 +0100
> > Douglas,
> > You say "IIS servers are actively being compromised already,
> > before the bulletin was released" --- do you have any links to
> > documentation about this? I haven't heard of this.
> >
> > Also, besides IIS, what methods are available to exploit the
> > vulnerability in ntdll.dll ?"
>
> I must admit, I don't want to be scaremongerish. One
> published article that
> is low on details is at
> http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029
>
http://www.msnbc.com/news/886524.asp?0cv=CB10
-Kim
----------------------------------------------------------------------
ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
It's as simple as placing additional SQL commands into a Web Form input
box giving hackers complete access to all your backend systems!
http://www.spidynamics.com/mktg/sqlinjection33
- Previous message: Joseph Durnal: "Microsoft Security Advisory MS 03-007 - Problems"
- Maybe in reply to: Douglas R. Wilson: "Microsoft Security Advisory MS 03-007"
- Next in thread: Matthew Cole: "RE: Microsoft Security Advisory MS 03-007"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
