MS05-010 CorrectionQuoting Dave Aitel directly from [Dailydave] LLSSRV Clarifications. As stated in MS05-010, LLSSRV is not remotely exploitable on Windows 2000 Server SP3 and 4 without authentication. However, it is remotely exploitable in Windows 2000 Advanced Server SP 3 and 4 without authentication. More information at the Immunity Inc. web site: http://www.immunitysec.com/downloads/llssrv_miss.pdf It's the end of the world as we know it...An article titled "How To Save The Internet" is an interesting read. Aside from the US centric bias it points out that the Internet as we know and love it today is essentially dysfunctional. Which brings us to the question of how to either save it, or move on to a better method of safely and securely connecting the world together. I have my own thoughts about some of the ideas raised in the article; some are silly, some are not feasible, but some merit some thought and attention. What do you think? http://www.cio.com/archive/031505/security.html DNS cache poisoning incidentsThere have been widespread reports of DNS cache poisoning and users being redirected on a major scale to certain web sites. Symantec has released a hotfix addressing a DNS cache poisoning and redirection issue with their Gateway Security, Enterprise Firewall, and VelociRaptor products. Products other than Symantec's are also reported to be impacted. More information is available from the following URLs: http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html http://www.techweb.com/wire/security/159900971 New HandlerI have the pleasure of introducing a new Incident Handler who has joined our ranks. His name is William Salusky. Welcome to the club William. Adrien de Beaupré, handler of the day |
Adrien de Beaupre 353 Posts ISC Handler |
| Subscribe |
Mar 16th 2005 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
