Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:8084
HistoryMar 17, 2005 - 12:00 a.m.

[VulnWatch] LLSSRV Clarifications [Immunity]

2005-03-1700:00:00
vulners.com
13
JSON

Immunity is happy to announce the release from VSC of a new paper to our
public website regarding the technical details of the llssrv
vulnerability Microsoft released on February 8th, 2005. Along with this
paper, we've released a reliable, language-independant exploit to the
CANVAS distribution.

As stated in MS05-010, LLSSRV is not remotely exploitable on Windows
2000 Server SP3 and 4 without authentication. However, it is remotely
exploitable in Windows 2000 Advanced Server SP 3 and 4 without
authentication. This information, missing from MS05-010, is a perfect
example as to why fully independant third party security information and
exploit code provide a key link in an organization's ability to
understand and evaluate the risk posted by vulnerabilities.

Further details, vulnerability release scheduling, and other information
are available here:
http://www.immunitysec.com/resources-advisories.shtml

Thanks,
Dave Aitel
Immunity, Inc.

JSON