[12231] in bugtraq
Re: RFP9903: AeDubug vulnerabilty
daemon@ATHENA.MIT.EDU (Jesper M. Johansson)
Wed Oct 13 19:29:04 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <000101bf1500$434853a0$d8107aa8@bu.edu>
Date: Tue, 12 Oct 1999 18:13:50 -0400
Reply-To: jjohanss@bu.edu
From: "Jesper M. Johansson" <jjohanss@BU.EDU>
X-To: David LeBlanc <dleblanc@MINDSPRING.COM>, BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <3.0.3.32.19991012113744.043d2760@mail.mindspring.com>
>>I have a machine which Dr.Watsons reliably when running SRVINFO.EXE
>>against a particular host (I haven't figured out why yet...)
>
>Maybe a samba box? Samba will often give things back to Win32 API calls
>that NT won't and it can violate the programmer's assumptions.
FYI, this most likely happened because he was using the NT Resource Kit
Supplement 2 version of SRVINFO.EXE. It would Dr. Watson when run against a
machine that had any hotfixes installed. Use the Supplement 3 version of
SRVINFO.EXE instead.
Jesper
Jesper M. Johansson, Ph.D.
Assistant Professor, Boston University
jjohanss@bu.edu
Editor, SANS NT Digest
MCSE , MCP + I
