[ISN] Wh00ps again! -- "Weenie" bug resurrected on Yahoo

From: InfoSec News (isnat_private)
Date: Tue May 15 2001 - 11:14:51 PDT

  • Next message: InfoSec News: "[ISN] Arizona governor vetoes cyber-security bill"

    [It appears I reposted a news story as old as the six-pack of Molson's
    Canadian I found in my garage, smuggled into the U.S. from my last
    road trip to the Great White North back in early 2000. I will try not
    to post any stories of the same vintage as the Point Beer Winter Bock
    that I found also in the same corner of my garage.  Thanks to *ALL*
    the readers that pointed this M$ advisory out to me.  :)  -=-  WK]
    By Robert Lemos
    Special to CNET News.com 
    May 15, 2001, 10:00 a.m. PT 
    More than a year after it was originally reported, the "Netscape
    engineers are weenies!" security hole in Microsoft software made a
    brief comeback Monday and Tuesday on Yahoo's Small Business portal.
    A three-paragraph account on the bug--originally reported April 14,
    2000--appeared without a date or byline on Yahoo's site, stating:
    "Last Thursday, Microsoft admitted its engineers planted a secret
    password in its software that could be used to gain illegitimate
    access to hundreds of thousands of Internet sites worldwide."
    Microsoft stressed that the report isn't new. "It's a year-old
    problem," said a Microsoft representative. "We are trying to get
    through to Yahoo to see what it's doing up there."
    Several readers contacted CNET News.com Tuesday seeking further
    information about the Yahoo report.
    While originally reported as a "back door"--a secret password that
    gives full access to another person's system--the "weenies" flaw is
    actually an inadvertent bug in a dynamic link library, or DLL, file
    known as "dvwssr.dll" that allows access to a Web site's active server
    However, to access the pages, would-be intruders need to use a key to
    encode Web page names. The key is "!seineew era sreenigne
    epacsteN"--or "Netscape engineers are weenies!" spelled backwards--a
    holdover from Microsoft's browser war with Netscape.
    The file with the security flaw is provided by Microsoft to support
    its Visual Interdev 1.0 application, an older, rarely used program
    that helps Webmasters track broken links. Though few people use it,
    the file is part of the default installation for Web servers using
    Windows NT 4.0 and Microsoft's Internet Information Service 4.0
    software as well as Microsoft's FrontPage 98 software and its Personal
    Web Server 4.0.
    Yahoo apparently removed the article around 9 a.m. PDT Tuesday, but a
    Yahoo representative could not immediately explain the report.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Wed May 16 2001 - 00:48:35 PDT