P2P-Zone

P2P-Zone (http://www.p2p-zone.com/underground/index.php)
-   Peer to Peer (http://www.p2p-zone.com/underground/forumdisplay.php?f=5)
-   -   Microsoft Security Bulletin (MS00-079) (http://www.p2p-zone.com/underground/showthread.php?t=2071)

Malk-a-mite 26-05-01 05:46 PM
Microsoft Security Bulletin (MS00-079)
 
Moved to Peer-to-Peer by Malk
---------------
The story:
http://www.theregister.co.uk/content/4/19234.html

Quote:
A maliciously-crafted Telnet URL can be used to trigger a buffer overrun, which in turn would enable an attacker to run arbitrary code on a machine with the victim's level of permission. A malicious HTML page exploiting the hole could easily be circulated via e-mail.
The M$ response:
http://www.microsoft.com/technet/sec...n/MS00-079.asp

Quote:
The HyperTerminal application is a communications utility that installs by default on all versions of Windows 98, 98SE, Windows ME, Windows NT 4.0, and Windows 2000. The product contains two unchecked buffers through which an attacker could potentially cause code of her choice to run on another user’s machine:

Mehmet 26-05-01 06:07 PM
In English, dont keep your naked pictures on your online pc..


Cheers Malk.. Been some time..

rebel_mom 26-05-01 06:09 PM
Yes I got that warning today since I help alot of seniors and many are from the UK or correspond with the Uk.

zombywoof 26-05-01 06:15 PM
I don't even know why they even bother packaging hyperterm on these pc's. Hyperterm IMO is a piece of garbage. I'd rather use packages such as procomm or Terranova for remote dial access and terminal emulation.

Thanks for the updates malk.:tu:

TankGirl 26-05-01 06:25 PM
...and out goes Hyperterminal from my system. Thanks again Malk-a-mite for bringing us important security information. :tu:

Note also this important news item that Malk posted recently on P2P:

Quote:
Windows Media Player hole surrenders your machine
http://www.theregister.co.uk/content/6/19164.html

"The Windows Media Player ASX (Active Stream Redirector) processor contains an unchecked buffer susceptible to an overrun which could enable an attacker to run arbitrary code on a machine with the victim's level of permission, a Microsoft security bulletin warns. "
So if you use Windows Media Player 6.4 or 7 it might be wise to download and run the security patch for ver 6.4 or the upgrade to 7.1 from ver 7.

Microsoft has had plenty of security problems in its standard software lately and especially IE seems to be a big security hole in itself.

- tg ;)

Mehmet 26-05-01 06:51 PM
even better, spend some cash on macintosh..

assorted 24-06-01 01:27 AM
lovely link malk; thx.

has this one ever been fixed?

http://www.guninski.com/javaea.html

i still have active scripting turned off on my ie because of it... it works like a charm... i haven't upgraded my ie in a while; was this ever taken care of?


All times are GMT -6. The time now is 03:34 PM.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)