RE: Microsoft IIS Authentication Manager Account Conformation Vuln?

From: Russ (Russ.Cooperat_private)
Date: Tue May 06 2003 - 08:33:00 PDT

Next message: Matt Zimmerman: "[SECURITY] [DSA 299-1] New leksbot packages fix improper setuid-root execution"

Previous message: securityat_private: "Security Update: [CSSA-2003-018.0] OpenLinux: file command buffer overflow"
Maybe in reply to: JeiAr: "Microsoft IIS Authentication Manager Account Conformation Vuln?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

First described by mnemonix on Febuary 24, 1999, in NTBugtraq post;

http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9902&L=ntbugtraq&F=P&S=&P=5572
(URL is wrapped to more than one line, you must reconnect the pieces for it to work properly)

Cheers,
Russ - NTBugtraq Editor

-----Original Message-----
From: JeiAr [mailto:jeiarat_private] 
Sent: Saturday, May 03, 2003 3:58 AM
To: bugtraqat_private
Subject: Microsoft IIS Authentication Manager Account Conformation Vuln?

Let me start off by saying that im not sure if this already exists, 

but i have never heard of it and neither has anyone i asked.
<snip>

Next message: Matt Zimmerman: "[SECURITY] [DSA 299-1] New leksbot packages fix improper setuid-root execution"
Previous message: securityat_private: "Security Update: [CSSA-2003-018.0] OpenLinux: file command buffer overflow"
Maybe in reply to: JeiAr: "Microsoft IIS Authentication Manager Account Conformation Vuln?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 06 2003 - 09:38:19 PDT