Bugtraq mailing list archives

Re: ISS Internet Scanner Cannot be relied upon for conclusive

From: francis.favorini () DUKE EDU (Francis Favorini)
Date: Fri, 12 Feb 1999 15:45:06 -0500


David LeBlanc [mailto:dleblanc () mindspring com] wrote...

At 07:37 PM 2/10/99 +1100, Darren Reed wrote:

In some mail from David LeBlanc, sie said:

We check file dates when checking for NT patches, and would catch

your

example.

I don't see how that can be considered "adequate".


Because it is going to be accurate on 99+% of NT systems.  The file
timestamps are all the same when you install a hotfix.


What about daylight savings, which can change the time of a file by one
hour, which in turn can bump it to a new date?
What about patches that don't change file dates or sizes?  (Like some of
the recent Office 97 ones.)

        -Francis

Current thread:

remote fakebo shell exploit, (continued)
- - remote fakebo shell exploit Groovy Pants Gus (Feb 11)
  - AW: Security Bug in Bintec Router Firmware (CLID) Thomas Schmidt (Feb 11)
    - Re: Security Bug in Bintec Router Firmware (CLID) Pascal Gienger (Feb 11)
  - Seeking Policy Data Loftin C. Woodiel (Feb 11)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive der Mouse (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Ulf Munkedal (Feb 10)
  - Re: ISS Internet Scanner Cannot be relied upon for conclusive Brian Koref (Feb 11)
  - Buffer overflow in Serve-U Ryan Sweat (Feb 11)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Phil Waterbury (Feb 11)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Francis Favorini (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Steven M. Christey (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Daniele Orlandi (Feb 13)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Shaun Lowry (Feb 15)