Re: FW: Security Vulnerability with SMS 2.0 Remote Control

From: Maniac . (m_a_n_i_a_c_at_private)
Date: Fri Jan 21 2000 - 14:24:22 PST

Next message: Arne Vidstrom: "RDISK registry enumeration file vulnerability in Windows NT 4.0"

Previous message: Vanja Hrustic: "stream.c/raped.c tests (just for stats)"
Maybe in reply to: Brandon Eisenmann: "FW: Security Vulnerability with SMS 2.0 Remote Control"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This was originally reported back in December on another mailing list (Win2K
Security Advice).  Basically, as Frank suggested this isn't really a huge
security issue as proper ACL settings will guard against this problem.  But
it is important that people running SMS 2.0 are aware of this hole.

Probably another oversight on Microsoft's part, why would they not have the
install process of SMS 2.0 on each client take care of this.  Hopefully they
will decide to fix this in the next SMS 2.0 SP.


>Subject: FW: Security Vulnerability with SMS 2.0 Remote Control



-==-Man!ac-==-
"I don't intend to offend, I offend with my intent"

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

Next message: Arne Vidstrom: "RDISK registry enumeration file vulnerability in Windows NT 4.0"
Previous message: Vanja Hrustic: "stream.c/raped.c tests (just for stats)"
Maybe in reply to: Brandon Eisenmann: "FW: Security Vulnerability with SMS 2.0 Remote Control"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:29:50 PDT