RE: Code Red Question

From: Reverend Lola (reverend_lola@yahoo.com)
Date: 08/01/01


Message-ID: <20010801003123.35615.qmail@web12808.mail.yahoo.com>
Date: Tue, 31 Jul 2001 17:31:23 -0700 (PDT)
From: Reverend Lola <reverend_lola@yahoo.com>
Subject: RE:  Code Red Question
To: security-basics@securityfocus.com


----->%------snip----->%------
> Would it be fair to say that an MS web server (IIS 4
or 5)
> *not* running
> index services are effectively impervious to Code
Red
> regardless of whether
> they are running the patch? If not, why not?
----->%------snip----->%------

Nope. As long as IIS 4 or 5 is running unpatched, and
idq.dll is on the machine, you're vulnerable.

It doesn't matter if Index Server (IIS 4) or Indexing
Services (IIS 5) is running or not.

Take a look at http://www.securityfocus.com/bid/2880.

Hope this helps,

Reverend Lola
The Titanium Sheep
Provider of Steel Wool
Defender of the Fleeceless

__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/



Relevant Pages

  • Re: Jeez... how do I even start ????
    ... > When I would start IIS from the Administrative tools, ... > situation, with the same resolution as described in the msdn article, so ... A lot of these other posts also mentioned the ASPNET user. ... > the web server was running on this machine. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: preventing username enumeration on NT4
    ... Nimda Worm Shows You Can't Always Patch Fast Enough ... should start to investigate less-vulnerable Web server products. ... Microsoft's Internet Information Server (IIS), ...
    (comp.security.misc)
  • Re: preventing username enumeration on NT4
    ... Nimda Worm Shows You Can't Always Patch Fast Enough ... should start to investigate less-vulnerable Web server products. ... Microsoft's Internet Information Server (IIS), ...
    (comp.security.misc)
  • Re: preventing username enumeration on NT4
    ... Nimda Worm Shows You Can't Always Patch Fast Enough ... should start to investigate less-vulnerable Web server products. ... Microsoft's Internet Information Server (IIS), ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: preventing username enumeration on NT4
    ... Nimda Worm Shows You Can't Always Patch Fast Enough ... should start to investigate less-vulnerable Web server products. ... Microsoft's Internet Information Server (IIS), ...
    (comp.os.ms-windows.nt.admin.security)