Re: [Dshield] Proxy attackers/hijackers

From: Thor Larholm (lists.netsys.com_at_jscript.dk)
Date: 10/18/03

    To: "General DShield Discussion List" <list@dshield.org>, "'Joe Stewart '" <jstewart@lurhq.com>
    Date: Fri, 17 Oct 2003 22:06:53 -0700
    
    

    > From: "Thomas Willner" <thomaswillner@elitetraderz.com>
    > It has been reported that the official Microsoft patch for this
    > vulnerability is not 100% effective in blocking exploitation. At this
    > time, there is no fully working solution except disabling ActiveX
    > controls and also disabling Active Scripting in IE.

    Your reports are almost a month old by now.

    > Some links that may be of use in determining your exposure to this
    > vulnerability:
    >
    > Technical Bulletin:
    > http://www.microsoft.com/technet/security/bulletin/MS03-032.asp

    It may be true that MS03-032 did not fully patch the Object Data vulnerability,
    but a revised version has been released for several weeks now. It is called
    MS03-040, was released October 3 and it does indeed patch this vulnerability
    completely.

    http://www.microsoft.com/technet/security/bulletin/ms03-040.asp

    Regards
    Thor Larholm
    PivX Solutions, LLC - Senior Security Researcher
    http://pivx.com/larholm/ - Get our research, join our mailing list
