[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Re: It's not that simple...
- To: Florian Weimer <fw@xxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Re: It's not that simple...
- From: Jason Coombs <jasonc@xxxxxxxxxxx>
- Date: Wed, 17 Aug 2005 11:23:57 -1000
Florian Weimer wrote:
Doesn't the exploit code need a null session?
Under Windows 2000 it does, the other OSes require authenticated
sessions to launch the exploit.
Not clear whether Windows 2000 allows disabling of null sessions, but
the implication is not.
http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx
Regards,
Jason Coombs
jasonc@xxxxxxxxxxx
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/