| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: david.vincent at mightyoaks.com (David Vincent)
Subject: Outlook Express Remote Code Execution in Pr
eview Pane (S/MIME)
>Nevertheless, there is still something bothering me: if you look at the IE
6
>SP1 fix list (linked from
>http://support.microsoft.com/default.aspx?scid=kb;en-us;Q326489), there is
>absolutely no reference to this problem.
>
>So, Microsoft addressed a critical problem in the service pack, but decided
>to keep silent about it until now.
>
>I wonder what else has been hidden.
i've been wondering the same thing. they also rolled a remote desktop fix
into xp sp1 and later released a patch for w2k and xp.
lesee... remember this?
-----
Title: Cryptographic Flaw in RDP Protocol can Lead to
Information Disclosure (Q324380)
Released: 18 September 2002
Software: Microsoft Windows 2000
Microsoft Windows XP
Impact: Two vulnerabilities: information disclosure, denial of
service
Max Risk: Moderate
Bulletin: MS02-051
-----
and then...
-----
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS02-051.asp
Additional information about this patch
Installation platforms:
The patch for Windows 2000 can be installed on systems running Windows 2000
Service Pack 2 or Windows 2000 Service Pack 3.
The patch for Windows XP can be installed on systems running Windows XP
Gold.
Inclusion in future service packs:
The fix for this issue will be included in Windows 2000 Service Pack 4.
The fix for this issue is included in Windows XP Service Pack 1.
-----
-d
Powered by blists - more mailing lists