Bugtraq mailing list archives
Fwd: Information on MS99-022
From: vanja () SIAMRELAY COM (Vanja Hrustic)
Date: Sun, 4 Jul 1999 03:49:54 +0700
I haven't seen this on the Bugtraq, but it's very interesting... --
Wanted to advise that we are making information available regarding the technical details involved in the "Double Byte Code Page" vulnerability (http://www.microsoft.com/security/bulletins/ms99-022.asp). We've provided a full description to the ICSA, for dissemination within their Intrusion Detection Consortium. This will allow security vendors to have access to the information that they need to develop scanning tools that will check for this attack. However, we are not planning to do a general release of the information. If you are running IIS 3.0 or 4.0 on a server whose default language is set to Chinese, Japanese, or Korean, you should apply the patch. Cheers, Secure () microsoft com
-- So, if I have my custom-developed IDS running, I won't be able to implement a pattern for this, because I am not a member of 'Intrusion Detection Consortium'? Note the words... "This will allow security vendors to have access to the information..." - why only security vendors? What better they are than Bugtraq folks? "Security through obscurity" comes to mind... Vanja
Current thread:
- Fwd: Information on MS99-022 Vanja Hrustic (Jul 03)
- Re: Fwd: Information on MS99-022 Renaud Deraison (Jul 03)
- Re: Fwd: Information on MS99-022 Darren Reed (Jul 04)
- Re: Fwd: Information on MS99-022 Renaud Deraison (Jul 05)
- Re: Fwd: Information on MS99-022 Darren Reed (Jul 05)
- IGMP fragmentation bug in Windows 98/2000 Coolio (Jul 03)
- Re: IGMP fragmentation bug in Windows 98/2000 Steve (Jul 08)
- PR from MS about BO2K Christopher Schulte (Jul 10)
- ip stack bug in windows kod.c(kiss of death) klepto (Jul 03)
- Re: Fwd: Information on MS99-022 Renaud Deraison (Jul 05)
- Re: Fwd: Information on MS99-022 Darren Reed (Jul 04)
- Re: Fwd: Information on MS99-022 Renaud Deraison (Jul 03)