Bugtraq mailing list archives
ISS Internet Scanner Brute Force Bug
From: alex_tampermeier () HOTMAIL COM (alexander tampermeier)
Date: Wed, 17 Feb 1999 23:54:11 PST
The Internet Scanner lets you brute force by using username/password pairs specified in the file default.login. I specified a known username/password pair but the scanner could not login. The reason is that the Internet Scanner needs a carriage return after the last username/password pair. If it finds just an EOF marker then the password gets modified by adding an additional character. For example the password test is modified to testo. Alexander alex_tampermeier () hotmail com ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- ISS Internet Scanner Brute Force Bug alexander tampermeier (Feb 17)
- Re: ISS Internet Scanner Brute Force Bug David LeBlanc (Feb 18)
- ISS forum Christopher Klaus (Feb 18)
- L0pht Security Advisory: Windows NT Dildog (Feb 18)
- <Possible follow-ups>
- Re: ISS Internet Scanner Brute Force Bug David LeBlanc (Feb 19)