Full Disclosure mailing list archives

Re: Microsoft Security Update

From: "Anthony Saffer" <anthonysaffer () yahoo com>
Date: Fri, 5 Sep 2003 15:15:51 -0700

It's not something you could directly own the box with, unlike RPC vuln
that Blaster uses; it merely exposes some trivia, thus the "low" rating.


Yeah, but what if that "trivia" is your credit card information or your SSN
or some other important piece of data? I personally think this should have a
higher rating and IMHO think MS knows it too but is going to downplay it due
to it's severity.

Anthony

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

FW: Microsoft Security Update Thor Larholm (Sep 03)
- <Possible follow-ups>
- RE: FW: Microsoft Security Update Ferris, Robin (Sep 04)
  - Re: FW: Microsoft Security Update Valdis . Kletnieks (Sep 05)
- RE: FW: Microsoft Security Update Ferris, Robin (Sep 05)
- Re: Microsoft Security Update Anthony Saffer (Sep 05)