Re: Security issue with making NNTP accessible?


<jwgoerlich@xxxxxxxxx> wrote in message
news:1174254581.941072.61560@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
As with any Internet-facing service, keep up on your patches. However,
to the best of my knowledge, there has only been one exploit and patch
for Windows NNTP.

Microsoft Security Bulletin MS04-036
Vulnerability in NNTP Could Allow Remote Code Execution (883935)
http://www.microsoft.com/technet/security/Bulletin/MS04-036.mspx


Yes, but it would be the newsreader clients that would be
used inside in this case . . .



On Mar 17, 9:47 am, "Mark" <m...@xxxxxxxxxx> wrote:
What security issues are there with making port 119 available so that
users
can access Usenet? Other than the typical threats, like viruses and
whatnot, are there more serious concerns that warrant blocking that port
altogether?

Thanks!
Mark




.

Relevant Pages

  • Ping: Ken Blake
    ... What you have provided is NOT a patch. ... It will not correct the RPC/RPCSS Buffer Overflow Vulnerability that is addressed by ... Microsoft Security Bulletin MS03-39 http://support.microsoft.com/?kbid=824146 That is the ... "patch" to prevent the Internet worms. ...
    (microsoft.public.windowsxp.general)
  • [Full-Disclosure] MS02-065 vulnerability
    ... Microsoft security bulletin ... visit a web site or open an HTML mail". ... vulnerability, exploitable by a Web page or email; ... Just as exploitable after the patch. ...
    (Full-Disclosure)
  • Microsoft Security Bulletin MS06-067 (922760) Question
    ... Now that the patch for Microsoft Security Bulletin MS06-067 has ... been applied and supposedly fixed the Direct Animation control ... vulnerability, does this mean we can remove the kill bit (per Security ...
    (microsoft.public.win2000.security)
  • Re: Security issue with making NNTP accessible?
    ... As with any Internet-facing service, keep up on your patches. ... to the best of my knowledge, there has only been one exploit and patch ... for Windows NNTP. ...
    (microsoft.public.security)