Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: CR II - winME? confirmation? (Slightly OT)

From: Gregory_DeGennaro () csaa com
Date: Tue, 7 Aug 2001 10:25:31 -0700 
Amer,

Actually it has ... check out www.incidents.org.

It appears that most of the CRII and III traffic is coming from W2K servers
from home user machines.  At least, for me it is.

Greg

-----Original Message-----
From: Amer Karim [mailto:amerk () telus net]
Sent: Tuesday, August 07, 2001 8:04 AM
To: VULN-DEV List
Subject: Re: CR II - winME? confirmation? (Slightly OT)


Hi All,

All the advisories about CR state that only IIS servers are vulnerable.
However, it's my understanding that the unchecked buffer in idq.dll was the
source of that vulnerability.  If that's the case, then why have the
advisories not included Win2K systems (all flavours) since idq.dll is
installed by default as part of the indexing service on all these systems -
regardless of whether they are using the service or not?  Wouldn't that make
ANY system with the indexing service on it just as vulnerable as systems
with IIS? Am I overlooking something obvious here?

Regards,
Amer Karim
Nautilis Information Systems
e-mail: amerk () telus net, mamerk () hotmail com
Previous By Date Next
Previous By Thread Next

Current thread: