Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: More Vista 7 Goodness

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

____/ Tony Manco on Thursday 10 Sep 2009 00:22 : \____

> Roy Schestowitz wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> 
>> ____/ Tony Manco on Wednesday 09 Sep 2009 14:13 : \____
>> 
>>> Erik Funkenbusch wrote:
>>> 
>>>> On Tue, 08 Sep 2009 11:49:31 +0100, Roy Schestowitz wrote:
>>>> 
>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>> Hash: SHA1
>>>>> 
>>>>> Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.
>>>>> 
>>>>> ,----[ Quote ]
>>>>>| V. BUSINESS IMPACT
>>>>>| 
>>>>>| An attacker can remotly crash without no user interaction, any
>>>>>| Vista/Windows 7 machine with SMB enable. Windows Xp, 2k, are NOT
>>>>>| affected as they dont have this driver.
>>>>>| 
>>>>>| VI. SYSTEMS AFFECTED
>>>>>|
>>>>>| Windows Vista/7 All (64b/32b|SP1/SP2 fully updated) and possibly 
Win
>>>>>| Server 2008 as it use the same SMB2.0 driver (not tested).
>>>>> `----
>>>>> 
>>>>> http://seclists.org/fulldisclosure/2009/Sep/0039.html
>>>> 
>>>> Yeah, cause it's not like we haven't seen kernel panics in free os's 
in
>>>> their remote network code.
>>>> 
>>>> http://www.edgeos.com/threats/details.cgi?id=20989
>>> 
>>> Right...
>>> 
>>> Published:    Feb 27 2006 12:00AM
>>> Updated:    Mar 04 2006 04:16AM
>>> 
>>> You look a little outdated... lets get a little recent...
>>> 
>>> The security risk mentioned by the OP has not been fixed yet, you 
might
>>> as well pray for them to release a fix ASAP like next Tuesday or else
>>> your whole "gang" might suffer from the WinNuke effect...
>> 
>> The official Microsoft response is "blame others" (the "they too"
>> defence).
>> 
> 
> Where did you see that?

All ova' the place. It's typical.

"They are evil too..."

"Blame the game, not the player..."

"Are you anti-capitalist..."

"They did the same thing..."

"It's not against the law..."

"We didn't realise we were lying..."

"Sorry about [getting caught] bribing people..."

- -- 
		~~ Best of wishes

Roy S. Schestowitz      | Useless fact: the buttocks is the largest 
muscle
http://Schestowitz.com  | Mandriva Linux |     PGP-Key: 0x74572E8E
         run-level 2  Sep  9 21:22
      http://iuron.com - help build a non-profit search engine
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqoTW8ACgkQU4xAY3RXLo5MQwCfdrs6wG3UVEGX0vD8dWU280T5
3qYAoIwQ9bWnQtusKLwZcwVOyI26l245
=Rs7I
-----END PGP SIGNATURE-----

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index