RE: Microsoft Security Advisory MS 03-007 - Problems

From: Turner, Keith (Contractor) (Keith.Turner@tea.army.mil)
Date: 03/18/03

  • Next message: Watson, Michael: "RE: Microsoft Security Advisory MS 03-007 - Problems"
    From: "Turner, Keith (Contractor)" <Keith.Turner@tea.army.mil>
    To: 'David Vincent' <david.vincent@mightyoaks.com>, focus-ms@securityfocus.com
    Date: Tue, 18 Mar 2003 13:30:08 -0500
    
    

     They just posted a follow up message including the version, MX (ver
    6,0,0,55693) Professional... Looks like they have eliminated CF itself
    (admin tool works), and are looking into some of their custom code.

    Keith

    -----Original Message-----
    From: David Vincent [mailto:david.vincent@mightyoaks.com]
    Sent: Tuesday, March 18, 2003 1:20 PM
    To: focus-ms@securityfocus.com; 'Keith.Turner@tea.army.mil'
    Subject: RE: Microsoft Security Advisory MS 03-007 - Problems

    any idea what coldfusion version they are running?

    -d

    > -----Original Message-----
    > From: Turner, Keith (Contractor) [mailto:Keith.Turner@tea.army.mil]
    > Sent: March 18, 2003 10:00 AM
    > To: 'Mike Heitz'; Jonathan Grotegut; josephdurnal@cablespeed.com;
    > focus-ms@securityfocus.com
    > Subject: RE: Microsoft Security Advisory MS 03-007 - Problems
    >
    >
    > I saw on another list where someone had it fail on two
    > servers, both of
    > which were running coldfusion. That could be 2 out of 2 or it
    > could be 2 out
    > of 1000, I'm not sure.
    >
    > Keith
    >
    >
    > -----Original Message-----
    > From: Mike Heitz [mailto:mikeheitz@upshotmail.com]
    > Sent: Tuesday, March 18, 2003 11:49 AM
    > To: Jonathan Grotegut; josephdurnal@cablespeed.com;
    > focus-ms@securityfocus.com
    > Subject: RE: Microsoft Security Advisory MS 03-007 - Problems
    >
    >
    > I'm curious too. We've only got 1 OWA server we were planning to patch
    > tonight. I haven't been able to find any info on specific problems
    > people are having.
    >
    > Any info would be greatly appreciated.
    >
    > mike heitz ** sr it manager ** UPSHOT
    > 312-943-0900 x5190
    >
    > -----Original Message-----
    > From: Jonathan Grotegut [mailto:jgrotegut@directpointe.com]
    > Sent: Tuesday, March 18, 2003 10:29 AM
    > To: josephdurnal@cablespeed.com; focus-ms@securityfocus.com
    > Subject: RE: Microsoft Security Advisory MS 03-007 - Problems
    >
    > Joseph,
    >
    > What kind of problems are people experiencing. I have updated over 16
    > servers so far with the patch, (most of which are only
    > running OWA), and
    > I have not seen any problems. Insight into this would be good.
    >
    > Jonathan Grotegut
    > DirectPointe
    >
    >
    > -----Original Message-----
    > From: Joseph Durnal [mailto:josephdurnal@yahoo.com]
    > Sent: Tuesday, March 18, 2003 8:20 AM
    > To: focus-ms@securityfocus.com
    > Subject: Microsoft Security Advisory MS 03-007 - Problems
    >
    >
    > I just heard through Microsoft Premier Support that
    > customers have had problems after installing the patch
    > for MS 03-007 (Q815021_W2K_sp4.exe). It has been
    > recommended to us to hold off on patching until
    > further notice.
    >
    > Joseph M. Durnal
    > josephdurnal@yahoo.com
    >
    >
    >
    > __________________________________________________
    > Do you Yahoo!?
    > Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
    > http://platinum.yahoo.com
    >
    > ----------------------------------------------------------------------
    > ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data! It's as
    > simple as placing additional SQL commands into a Web Form input
    > box giving hackers complete access to all your backend systems!
    > http://www.spidynamics.com/mktg/sqlinjection33
    >
    >
    > ----------------------------------------------------------------------
    > ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
    > It's as simple as placing additional SQL commands into a Web
    > Form input
    > box giving hackers complete access to all your backend systems!
    > http://www.spidynamics.com/mktg/sqlinjection33
    >
    >
    > ----------------------------------------------------------------------
    > ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
    > It's as simple as placing additional SQL commands into a Web
    > Form input
    > box giving hackers complete access to all your backend systems!
    > http://www.spidynamics.com/mktg/sqlinjection33
    >
    > ----------------------------------------------------------------------
    > ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
    > It's as simple as placing additional SQL commands into a Web
    > Form input
    > box giving hackers complete access to all your backend systems!
    > http://www.spidynamics.com/mktg/sqlinjection33
    >

    ----------------------------------------------------------------------
    ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
    It's as simple as placing additional SQL commands into a Web Form input
    box giving hackers complete access to all your backend systems!
    http://www.spidynamics.com/mktg/sqlinjection33


  • Next message: Watson, Michael: "RE: Microsoft Security Advisory MS 03-007 - Problems"