|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Brian McClory (security_resources
HOTMAIL.COM)Date: Mon Apr 02 2001 - 15:32:49 CDT
I don't see this as being a true security risk. As you mention in
your advisory, this only occurs if the installer has notification set for
event logs and event logs are left to the default write method.
I honestly think that the only people at risk here are incompitent
administrators who do not porperly configure their network. That being the
case,
this puts the risk into the ID10T catagory. I put this on the par with
administrators who allow their smtp servers to relay for anyone and who set
their firewalls to allow netbios traffic through.
Just my 2 cents...
Brian P. McClory MCT, CCI, MCSE, MCP+I, CCA, ETC...
"I'm not an actor, I just play one on TV."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]