Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: iis server strings vs. patch level

From: "Fernando Rodriguez" <frodriguez () dianet-it com>
Date: Wed, 6 Mar 2002 11:36:14 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can download from Microsoft public website the tool
HotFixNetCheck (hfnetchk.exe) that can be used to check
the service pack and hot fix level on a Microsoft system
(operating system and relevant aplications like IIS, IE, ...)
You need admin privilege in the target system.


Fernando Rodriguez

IT Security Manager
Diana Internet
 

- -----Mensaje original-----
De: Skip Hans Stellhorn [mailto:skip.stellhorn () ncircle com]
Enviado el: jueves, 28 de febrero de 2002 19:49
Para: pen-test () securityfocus com
Asunto: iis server strings vs. patch level


Does anyone know of a good resource for
mapping various patch levels of an IIS
server to hotfixes and service packs applied?

For example, exchange gives a ton of version
info on an SMTP connect (5.5.2653.13) which
probably corresponds to a very specific condition
of applied patches/hotfixes/service packs.

- ----
- - Skip Hans Stellhorn
- - Vulnerability Research
- - nCircle Network Security
- ----
- - BF96 B2EB 8466 ED60 6B03
- - B59E B61C 69A9 84E2 054A
- ----


- ----------------------------------------------------------------------
- ------
This list is provided by the SecurityFocus Security Intelligence
Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities
please see:
https://alerts.securityfocus.com/

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPIXuo2lE33ntxVs6EQJUZwCgsm3q1pp5GU/qEzsG2V56hg8BOlwAoMnU
pnqLWoVTLGh8QEORr3S2IyKl
=h+/P
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: