Crypto-gram for December 15, 2000. In this issue: Voting and Technology, Crypto-Gram Reprints, IBM's New Crypto Mode of Operation, Solution in Search of a Problem: Digital Safe-Deposit Boxes, and New Bank Privacy Regulations.
ff3f1cc0bac61ff3d6e20ab4e727a56aa83079c0f8ff7ab9d5432dd099ba8ad9Microsoft Security Bulletin (MS00-097) - Microsoft has released a patch that eliminates a security vulnerability in Microsoft Windows Media Server which allows malicious users to degrade the performance of a Windows Media server to the point where it could no longer provide useful service. When a connection to a Windows Media server is made, then severed, using a particular sequence of TCP/IP packets, the Windows Media Unicast Service does not release all of the resources allocated to the connection. When repeatedly making and then severing connections in this manner, malicious users can exhaust the resources of the server. Microsoft FAQ on this issue available here.
613f0a1ea210493f1edac7eb5a50da9377cf301c0cd903f10d888953a7de0f9eLinux Xsoldier local root buffer overflow exploit. Overflows the -display command line option.
b399b42f07b8641525a5352aaf822e9698210c090495c285cd9fc11af3fdf062Advanced Office 2000 Password Recovery (professional edition) - Recovers lost passwords for Microsoft Word, Excel, Access, PowerPoint 97, Project, Money, Outlook, Backup, Schedule+, Mail, IE 3, 4, and 5, Visio 4 and 5, and others. All passwords are decrypted instantly except Word/Excel 97/2000 which has strong crypto and is only vulnerable to brute force attack. 30 day trial, although it does not actually expire.
36a029d56d699a3688c129dac53346e12e550312cc228e997b4d90d9939a70ccIDS/A is an experimental interface between applications and a daemon which functions as system logger, reference monitor, and soon intrusion detection system. IDS/A is not yet complete, but can already be used as system log replacement with extra neat features such as automatic log rotation. It also ships with two example applications which demonstrate how the system can be used to block basic banner grabbing port or CGI scanners.
fa8dbeafaa0e09aaf18815c3c8f399c990d76fe3c94d68b2e9a889a7c19ff34a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed