| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed Aug 17 21:59:34 2005 From: fw at deneb.enyo.de (Florian Weimer) Subject: Re: It's not that simple... * Micheal Espinola, Jr.: > PnP is not a show stopper when it comes to patch compatibility testing > - especially considering the fact that the exploit allows for remote > code execution and elevation of privilege. Perhaps certain people > need to learn or take a refresher course of what that exactly implies. It doesn't exactly help that Microsoft puts random unrelated crap into security updates and not just the fix. This means that you have to perform full regression tests even if something is patched that isn't actually used on your systems. > And I'd say it is just that simple when you consider the fact that San > Diego County waited to install the patch *the night after* they got > hit by the worm. *That's* why organizations like San Diego County, > with ~12,000 Win2k hosts, were bitten so badly. Doesn't the exploit code need a null session? This leads to the question why people have 12,000 Windows boxes, 2000 or not, on their network, many of them offering null sessions. Especially since disabling null sessions makes tons of other exploits (which use the leaked data for guessing administrator passwords, for example) quite a bit harder. It's actually rather surprising that they had no previous botnet experience with such a setup. Maybe they just didn't notice.
Powered by blists - more mailing lists