OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Roll-up hotfix?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Roll-up hotfix?

  • To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
  • Subject: Re: Roll-up hotfix?
  • From: =?koi8-r?Q?=E5=D7=C7=C5=CE=C9=CA_=EB=C1=CC=C9=CE=C9=CE?= <ekalininMML.NSI.RU>
  • Date: Fri, 8 Jan 1999 01:03:58 +0300
  • Approved-By: Russ.CooperRC.ON.CA
  • Reply-To: =?koi8-r?Q?=E5=D7=C7=C5=CE=C9=CA_=EB=C1=CC=C9=CE=C9=CE?= <ekalininMML.NSI.RU>
  • Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>
Don't know about tapiperf.dll, but infocomm.dll and w3svc.dll must be from
the 'Infinite Get' fix for Internet Information Server. It fixes a DoS
attack against IIS that I have reported to MS back in December. The fix by
itself is available at
ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/infget-fix
<ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/infget-fix
> , and the details on the attack - at www.nsi.ru/enema
<http://www.nsi.ru/enema> . The KB article is Q192296. This fix was not put
in the hotfixes-postsp4 directory, so not many people have noticed it.
--------------------------------------
Sincerely,
Eugene Kalinin
ekalininmml.nsi.ru
http://www.mml.nsi.ru/~ekalinin
ICQ# 11288561

        -----Original Message-----
        From:   Raymond P. Galloni [mailto:rpgallonMITRE.ORG]
        Sent:   Wednesday, January 06, 1999 11:35 PM
        To:     NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
        Subject:        Roll-up hotfix?

        I was just browsing the Post-SP4 hotfix list
        (the mirrored site:
        ftp://198.105.232.37/fixes/usa/nt40/hotfixes-postSP4/roll-up/)
         and came across a new one labelled "roll-up".
        It appears as it is just that, a roll-up of all the previous
hotfixes,
        except that when doing a file-by-file comparison, it has 6
additional files.
        These are:
                infocomm.dbg, infocomm.dll
                tapiperf.dbg, tapiperf.dll
                w3svc.dbg, w3svc.dll
        Does anyone have background information as to what problem this is
fixing?
        Or perhaps a Knowledge Base article number associated with it?  Did
I miss
        an announcement?  At the time, it was just the two exectables (intel
and
        alpha) and nothing else, no readmes or anything.

        Thanks,
        Ray
        ________________________________________________________
         Raymond P. Galloni
         Senior Infosec Engineer                    Phone: (781) 271-5267
         The MITRE Corporation                   Fax: (781) 271-3816
         202 Burlington Road                         Email:
rpgallonmitre.org
         Bedford, MA 01730
        ________________________________________________________