RE: CR II - winME? confirmation? (Slightly OT)

From: Gregory_DeGennaroat_private
Date: Tue Aug 07 2001 - 10:25:31 PDT

  • Next message: Grab Raham: "Re: CR II - winME? confirmation? (Slightly OT)"

    Amer,
    
    Actually it has ... check out www.incidents.org.
    
    It appears that most of the CRII and III traffic is coming from W2K servers
    from home user machines.  At least, for me it is.
    
    Greg
    
    -----Original Message-----
    From: Amer Karim [mailto:amerkat_private]
    Sent: Tuesday, August 07, 2001 8:04 AM
    To: VULN-DEV List
    Subject: Re: CR II - winME? confirmation? (Slightly OT)
    
    
    Hi All,
    
    All the advisories about CR state that only IIS servers are vulnerable.
    However, it's my understanding that the unchecked buffer in idq.dll was the
    source of that vulnerability.  If that's the case, then why have the
    advisories not included Win2K systems (all flavours) since idq.dll is
    installed by default as part of the indexing service on all these systems -
    regardless of whether they are using the service or not?  Wouldn't that make
    ANY system with the indexing service on it just as vulnerable as systems
    with IIS? Am I overlooking something obvious here?
    
    Regards,
    Amer Karim
    Nautilis Information Systems
    e-mail: amerkat_private, mamerkat_private
    



    This archive was generated by hypermail 2b30 : Tue Aug 07 2001 - 17:41:15 PDT