[<prev] [next>] [day] [month] [year] [list]
Message-ID: <41B1FD84D49E05448A4233378E6BF475163C5E@entmsgnt03.fm.frd.fmlh.edu>
From: jheidtke at fmlh.edu (Jerry Heidtke)
Subject: Foundstone Labs to Release Absolutely FREE Tool
The ISS tool (http://www.iss.net/support/product_utilities/ms03-043/)
will do this (display a pop up). In fact, by default, the ISS tools pops
up a message directing people to their website:
------------------------------------------------------------------------
This popup is generated by the "Messenger Service".
A critical bug has been found in this service that
will allow hackers to gain control over this machine.
Microsoft describes the bug at the following URL:
http://www.microsoft.com/technet/security/bulletin/MS03-043.asp
You can protect yourself via the Windows Update
mechanism, or by disabling the "Messenger Service" via
the "Services" control panel.
The following URL provides explains why you received this message and
additional ways that you can protect your desktop:
http://www.iss.net/support/ms03-043
THIS MESSAGE WILL CONTINUE TO APPEAR UNTIL YOU FIX THIS PROBLEM!
------------------------------------------------------------------------
The message can be customized. As it stands, some people might consider
it to be spam. The tool could be used as a very effective messenger spam
tool. Other messenger spam tools I've seen are more limited in the ports
they can send pop up messages to.
Jerry
-----Original Message-----
From: Brown, Randy (InfoSec) [mailto:randy.brown@...com]
Sent: Friday, October 17, 2003 10:49 AM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] Foundstone Labs to Release Absolutely
FREE Tool
Nice tool. Be nice to have a feature that displays a pop-up on the
remote for those instances where folks are on a dial-up, remote... The
pop-up box could be configured with a message that the user has to do
something...
Randy
What can Brown do for you? (tm)
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Michael
Renzmann
Sent: Friday, October 17, 2003 11:13 AM
To: James Foster
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Foundstone Labs to Release Absolutely
FREE Tool
Hi.
James Foster wrote:
> One liner: Our free tool, MessengerScan, is available for free
> download
> at www.foundstone.com <http://www.foundstone.com/>
Nothing about your tool, but your advertising here sucks. Posting a
short and factual mail would be fine, but this marketing-speech is
really misplaced here.
Bye, Mike
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.
Powered by blists - more mailing lists