[14952] in bugtraq
Re: RFP2K04: Mining BlackICE with RFPickAxe
daemon@ATHENA.MIT.EDU (Matt)
Fri May 19 16:41:45 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.NEB.4.10.10005181204320.1526-100000@cesium.clock.org>
Date: Thu, 18 May 2000 12:19:01 -0700
Reply-To: Matt <matt@USE.NET>
From: Matt <matt@USE.NET>
X-To: Robert Graham <bugtraq@NETWORKICE.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <NDBBIFIKDEKCCCNINKGLKEPADGAA.bugtraq@robertgraham.com>
On Thu, 18 May 2000, Robert Graham wrote:
> 1. There is no issue with BlackICE (Sentry/Defender/Agent) IDS. Only the
> centralized console ICEcap.
>
> 2. This isn't a problem in "officially" supported installations of ICEcap,
> only "eval" installations.
>
> 3. This is a problem in virtually any product that uses Access/Jet/.mdb
> (including many built into WinNT Server).
I believe this could've been easily avoided by making MDAC 2.1 SP2
components a required part of the installation. I can think of at least
one vendor in rfp's list that did do that, which I believe eliminates the
vulnerability (as well as some y2k and stability/performance issues).
On a side note, I just noticed that MDAC 2.5 is out.
