lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: david.vincent at mightyoaks.com (David Vincent)
Subject: Outlook Express Remote Code Execution in Pr
	eview Pane (S/MIME)

>Nevertheless, there is still something bothering me: if you look at the IE
6
>SP1 fix list (linked from
>http://support.microsoft.com/default.aspx?scid=kb;en-us;Q326489), there is
>absolutely no reference to this problem.
>
>So, Microsoft addressed a critical problem in the service pack, but decided
>to  keep silent about it until now.
>
>I wonder what else has been hidden.


i've been wondering the same thing.  they also rolled a remote desktop fix
into xp sp1 and later released a patch for w2k and xp.

lesee...  remember this?

-----

Title:      Cryptographic Flaw in RDP Protocol can Lead to 
            Information Disclosure (Q324380)
Released:   18 September 2002
Software:   Microsoft Windows 2000 
            Microsoft Windows XP
Impact:     Two vulnerabilities: information disclosure, denial of 
            service
Max Risk:   Moderate
Bulletin:   MS02-051

-----

and then...

-----

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS02-051.asp

Additional information about this patch
Installation platforms: 

The patch for Windows 2000 can be installed on systems running Windows 2000
Service Pack 2 or Windows 2000 Service Pack 3. 
The patch for Windows XP can be installed on systems running Windows XP
Gold. 
Inclusion in future service packs:


The fix for this issue will be included in Windows 2000 Service Pack 4. 
The fix for this issue is included in Windows XP Service Pack 1. 

-----


-d

Powered by blists - more mailing lists