Yes, they truly should have said that it was unlike the previous codered in the fact that it could only compromise 2k systems. CRv1 can compromise both, and CRv2 can only compromise 2k. Both systems fall for the exact same exploit, but the difference is in the payload. There is something in the payload that is incompatible with NT, and thus will just cause the IIS in NT to restart. I don't have the data in front of me, but I remember seing this and it made sense as to what it was at the time... That's just what I've seen and read anyway. Josh Ballard oofle.com Linux Firewall Center http://www.oofle.com/ jballardat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Aug 05 2001 - 16:39:18 PDT