Dailydave mailing list archives

Re: LLSSRV Redux


From: Todd Sabin <tsabin () optonline net>
Date: Thu, 17 Mar 2005 15:04:57 -0500

Dave Aitel <dave () immunitysec com> writes:

> With regards to the LLSSRV advisory Immunity published yesterday, we
> would like to issue a clarification. There are two ways to get SP4
> onto a Windows 2000 Advanced Server machine, as follows:
> 1. Download SP4 from microsoft.com via networked or express install
> 2. Obtain and install a Windows 2000 Advanced Server CD or CD image
> that includes SP4. This is available from the MSDN CD packages or
> online download site. You may also have obtained such a CD from a
> vendor or retailer.
>
> The second way is vulnerable; the first way is not.

This suggests that the important difference is not W2K Advanced Server
vs plain W2K Server, but whether you manually applied SP4 or not.
Presumably, you could also get a W2K Server install that also includes
SP4, and that would be vulnerable, too.  (I haven't tested this, of
course.)

-- 
Todd Sabin                                          <tsabin () optonline net>
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave

