Bugtraq mailing list archives
Re: Alert: Microsoft Security Notification service
From: aleph1 () DFW NET (Aleph One)
Date: Wed, 1 Jul 1998 21:38:09 -0500
---------- Forwarded message ---------- Date: Wed, 1 Jul 1998 22:30:57 -0400 From: Russ <Russ.Cooper () RC ON CA> To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM Subject: Re: Alert: Microsoft Security Notification service First, a clarification to the "Disable READ Access" workaround statement. You can prevent the ASP's from being viewed by disabling READ access within MMC for the ASPs. If you disable READ access for your entire site (or all files, like .gif, .htm, .etc) then those files will not be displayed at all. ASPs need execute only, all non-executing files need READ access to display normally. Second, Microsoft have been notified. Expect a fix announcement shortly. Third, I was able to talk to Bob Denny (author of O'Reilly's WebSite Pro), it is not affected by this exploit. I was not able to find a contact at Netscape to ask. Cheers, Russ
Current thread:
- Re: Alert: Microsoft Security Notification service Aleph One (Jul 01)