Penetration Testing mailing list archives

Re: [PEN-TEST] RDS exploit simulation

From: Oliver Petruzel <oliverpetruzel () EMAIL COM>
Date: Mon, 18 Sep 2000 14:00:34 -0400

This is because you are using patched versions being >>distributed on

newer

versions of the Option Pack and MCIS CD's.


I actually have stayed away from ALL "option packs" on purpose for that
reason.  I have been using the NT 4.0 IIS base install and then up to
and including Service Pack 4.  Which is mdac 2.0.

It was my understanding that 2.0 was still vuln.  or is it not?
right now, I'm unable to find an old enough option pack.  The ones I
have install mdac 2.1.

Perhaps someone can better explain this vuln to me (and everyone else)
since it is so common in the wild.  Thanks.

./oliver


-----------------------------------------------
FREE! The World's Best Email Address @email.com
Reserve your name now at http://www.email.com

Current thread:

[PEN-TEST] RDS exploit simulation Oliver Petruzel (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Mordechai Ovits (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Johan Persson (Sep 18)
- <Possible follow-ups>
- Re: [PEN-TEST] RDS exploit simulation Davidson,Sam (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Oliver Petruzel (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Oliver Petruzel (Sep 18)
  - Re: [PEN-TEST] RDS exploit simulation Steve (Sep 19)