[<prev] [next>] [day] [month] [year] [list]
Message-ID: <009306EBDB2AD711AFAB00D0B78EC3A7323F11@u-sais-ntx01.nsa.souda.navy.mil>
Date: Fri, 25 Jul 2003 12:48:05 +0300
From: "Angelidis, Fotis(NSASOUDABAY)" <AngelidisF@....souda.navy.mil>
To: "'bugtraq@...urityfocus.com'" <bugtraq@...urityfocus.com>
Subject: RE: Windows NT 4.0 with IBM JVM Denial of Service
>Microsoft has issued a bulletin and a patch. More information
>is available at:
>http://www.microsoft.com/technet/security/bulletin/MS03-029.asp
>Recommendation:
>Java developers should identify all occurances and perform data
>validation where java.io.getCanonicalPath is used.
>NT 4.0 Administrators running servers which use Java servlets
>should consider installing the Microsoft supplied patch.
After installing the patch on an NT 4 SP 6a server, we experienced problems
with the RAS manager. Specifically, while the machine was rebooting after
the update, the familiar "One or more services ..." window popped up.
Seconds before we pull up the Event Viewer to examine what went wrong during
the startup Dr. Watson appeared stating that an exception had happened while
loading loadqm.exe. The Event viewer, on the other hand, showed us three
main error messages:
Event ID 7001 - Remote Access Autodial Manager,
Event ID 7023 - Remote Access Connection Manager and
Event ID 20067 - Point to Point Protocol failed to initialize.
Uninstalling the patch didn't help, neither uninstalling/installing the RAS
service. The only solution which seemed appropriate at the moment was to
re-install the operating system, which we did.
After installing and setting up the server, we visited windowsupdate.com.
Since previously the specific patch was installed following the above link,
we decided to let Windows Update find the available patches for our case
this time. The patch was included in the recommended updates, so we
downloaded all the updates, installed and rebooted the machine.
Unfortunately, the same errors appeared again. The difference this time was
that after unistalling the specific patch everything was back to normal,
fortunately :)
Has anybody else experienced any kind of strange behaviour after installing
this patch ?
Powered by blists - more mailing lists