| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: rlanguy at hotmail.com (Lan Guy) Subject: IIS 5.0 random/fixed TCP/UDP ports Have not tried to exploit it, But MS have fixed in IIS 6 (Win2003 Server) at least the port is only open to localhost. So I would argue they have learnt, but they haven't fixed it! ----- Original Message ----- From: Frank Knobbe To: Jean-Baptiste Marchand Cc: full-disclosure@...ts.netsys.com Sent: Tuesday, November 11, 2003 1:51 AM Subject: Re: [Full-Disclosure] IIS 5.0 random/fixed TCP/UDP ports If that port is used INTERNALLY, shouldn't it be listening INTERNALLY, as in LOCALHOST? When will MS ever learn... (And the first one who replies with "Microsoft is adding host based firewalls to 'fix' this architectural oversight" is gonna get added to a filter list... :) -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031111/fc3142a9/attachment.html
Powered by blists - more mailing lists