Information Security News mailing list archives
NT4 SP6? MS admits NT has a serious security flaw
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Wed, 8 Sep 1999 19:25:46 -0600
From: "Noonan, Michael D" <michael.d.noonan () intel com>

http://www.planetit.com/techcenters/docs/windows_2000/news/TWB19990826S000

Microsoft Admits NT Has Serious Security Flaw
by Peter Heywood (August 26, 1999)
Data Communications

"We are trying to escalate this further and get it into the Hot Fix schedule," Gopal adds.

NT SP4 is used in a lot of public-facing e-mail hosts and Web servers. Individual users need to assess the potential impact of a breach in security, and decide whether to disable Internet use on NT SP4 servers or move to non-NT platforms until the problem has been resolved, according to NTA Monitor.

What is Predictable IP Sequence Numbering?

Secure systems are usually configured so that they'll only accept commands from trusted hosts. They prevent hackers masquerading as trusted hosts by responding to every command with a sequence number that must be quoted in the next command. Hackers can't capture these responses because they're directed at the trusted host, so they have to guess what the next sequence number will be. If it's predictable (as in 1, 2, 3, 4, in the simplest case), hackers can send in a whole string of commands without getting any responses.

For more information, see http://www.nta-monitor.com/news/NT4-SP4.htm

Microsoft has acknowledged a serious security flaw in NT when used with Service Pack 4 (SP4) -- probably the most commonly deployed version of its operating system. The flaw enables hackers to masquerade as trusted hosts to get access to secure systems, using so-called Predictable IP Sequence Numbering - something that was identified and fixed in Unix systems several years ago, according to Richard Thomas, head of Winterfold Datacomm (Guildford, UK), a networking consultancy.

"It's very sloppy for Microsoft not to have plugged this hole," Thomas said.

[snip..]

ISN is sponsored by Security-Focus.COM
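
An added example, not part of the article or the NTA Monitor advisory: a rough check an administrator could run over TCP initial sequence numbers (the values the sidebar calls IP sequence numbers) recorded from their own server's replies, to see whether they follow the counter-like pattern described above. The function names, the 1024 cutoff and all sample values are assumptions constructed for illustration.

```python
from functools import reduce
from math import gcd

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def isn_deltas(isns):
    """Differences between consecutive ISNs, taken modulo 2**32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def guess_space(isns):
    """Estimate how many candidate values cover the next ISN.

    If every increment is a multiple of one step and the increments stay
    within a narrow range, only (range / step) + 1 values need trying.
    """
    deltas = isn_deltas(isns)
    if len(deltas) < 3:
        raise ValueError("need at least four ISN samples")
    step = reduce(gcd, deltas) or 1  # all-zero deltas: the ISN never changes
    return (max(deltas) - min(deltas)) // step + 1


def verdict(isns, threshold=1024):
    """'predictable' when the estimated guess space is small (assumed cutoff)."""
    return "predictable" if guess_space(isns) <= threshold else "no simple pattern"


# Constructed samples, not captured from any real host.
COUNTER = [1000, 1001, 1002, 1003, 1004]  # the "1, 2, 3, 4" case
STEPPED = [4294900000, 4294964000, 124704, 188704, 380704]  # 64000 steps, wraps
VARIED = [0x3A91F2C4, 0xE10477B9, 0x5C2D0E13, 0x9F66A3D0, 0x17B8C45E]

if __name__ == "__main__":
    for name, sample in (("counter", COUNTER), ("stepped", STEPPED), ("varied", VARIED)):
        print(f"{name:8} guess space ~{guess_space(sample):>10}  {verdict(sample)}")
```

A small guess space from a handful of samples is reason enough to patch the host or stop relying on address-based trust; a large one only means this heuristic found no pattern, not that the generator is sound.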