>-----Original Message-----
>From: Menashe Eliezer [mailto:menasheat_private]
>Sent: 25 April 2002 18:18
>To: 3APA3A
>Cc: Bugtraq; vuln-dev
>Subject: RE: Microsoft Baseline Security Analyzer exploit (Exposed
>vulnerabilities' list)
>
>
>The vulnerabilities' list is accessible even by unprivileged
>user account.

Just as a side note, but it shows that it's not only the MBSA that exposes
this sort of damaging information, the vulns list can also be remotely
inferred if SNMP is enabled, since it is possible to enumerate the list of
installed service packs / hot fixes and thereby deduce any omissions:

example from "snmputil walk <ip.addr> public .1.3.6.1.2.1."

---snip---
Variable = .25.6.3.1.2.41 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q292435 for more information]
Variable = .25.6.3.1.2.42 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q296074 for more information]
Variable = .25.6.3.1.2.43 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q298009 for more information]
Variable = .25.6.3.1.2.44 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q298012 for more information]
Variable = .25.6.3.1.2.45 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q299553 for more information]
Variable = .25.6.3.1.2.46 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q299687 for more information]
Variable = .25.6.3.1.2.47 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q299796 for more information]
Variable = .25.6.3.1.2.48 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q300477 for more information]
Variable = .25.6.3.1.2.49 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q300972 for more information]
Variable = .25.6.3.1.2.50 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q301077 for more information]
Variable = .25.6.3.1.2.51 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q301625 for more information]
Variable = .25.6.3.1.2.52 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q302755 for more information]
Variable = .25.6.3.1.2.53 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q302827 for more information]
Variable = .25.6.3.1.2.54 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q303984 for more information]
Variable = .25.6.3.1.2.55 Value = OCTET STRING - Windows 2000 Hotfix (Pre-SP3) [See Q304135 for more information]
---snip---

DaveK
--
Burn your ID card! http://www.optional-identity.org.uk/
Help support the campaign, copy this into your .sig!

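Added example, not part of the original message: Python that a defender can run over "snmputil walk" output captured from their own host, to list which hotfix IDs the hrSWInstalledName column (.25.6.3.1.2) discloses to anyone holding the community string and which required fixes a reader could infer are absent. SAMPLE reuses three entries from the message (one wrapped mid-entry, as in the archive); REQUIRED and the ID Q000000 are constructed placeholders.

```python
import re

# One "Variable = <oid> Value = OCTET STRING - <name>" pair, as shown in the
# message. DOTALL plus the lookahead lets an entry span a wrapped line.
ENTRY_RE = re.compile(
    r"Variable\s*=\s*[\d.]*?25\.6\.3\.1\.2\.(?P<idx>\d+)\s*"
    r"Value\s*=\s*OCTET STRING\s*-\s*(?P<name>.*?)(?=\s*Variable\s*=|\Z)",
    re.DOTALL,
)
KB_RE = re.compile(r"\bQ\d{6}\b")  # Knowledge Base article IDs such as Q292435

# Constructed sample built from entries 41, 42 and 52 of the message.
SAMPLE = (
    "Variable = .25.6.3.1.2.41 Value = OCTET STRING - Windows 2000 Hotfix "
    "(Pre-SP3) [See Q292435 for more information] "
    "Variable = .25.6.3.1.2.42 Value = OCTET STRING - Windows 2000 Hotfix "
    "(Pre-SP3) [See Q296074 for more information]\n"
    "Variable = .25.6.3.1.2.52 Value = OCTET STRING - Windows 2000 Hotfix \n"
    "(Pre-SP3) [See Q302755 for more information]\n"
)
# Constructed baseline; Q000000 is a placeholder, not a real article.
REQUIRED = ["Q292435", "Q296074", "Q302755", "Q000000"]


def parse_walk(text):
    """Return {table index: installed-software name} from the walk output."""
    return {
        int(m.group("idx")): " ".join(m.group("name").split())
        for m in ENTRY_RE.finditer(text)
    }


def exposure_report(text, required):
    """Hotfix IDs visible over SNMP, and required ones a reader can infer missing."""
    seen = set()
    for name in parse_walk(text).values():
        seen.update(KB_RE.findall(name))
    return {
        "disclosed": sorted(seen),
        "inferable_missing": sorted(set(required) - seen),
    }


if __name__ == "__main__":
    print(exposure_report(SAMPLE, REQUIRED))
```

A non-empty "disclosed" list for a host reachable with a default community string means its patch state is readable by anyone who can send it SNMP queries.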
This archive was generated by hypermail 2b30 : Fri Apr 26 2002 - 08:54:33 PDT