[20006] in bugtraq
Re: def-2001-16: Internet & Acceleration Server Event DoS
daemon@ATHENA.MIT.EDU (Brian McClory)
Tue Apr 3 17:26:02 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-ID: <OE293EU2Sn9skdVwlc600002d1f@hotmail.com>
Date: Mon, 2 Apr 2001 13:32:49 -0700
Reply-To: Brian McClory <security_resources@HOTMAIL.COM>
From: Brian McClory <security_resources@HOTMAIL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

I don't see this as being a true security risk. As you mention in
your advisory, this only occurs if the installer has notification set for
event logs and event logs are left to the default write method.

I honestly think that the only people at risk here are incompetent
administrators who do not properly configure their network. That being the
case, this puts the risk into the ID10T category. I put this on a par with
administrators who allow their SMTP servers to relay for anyone and who set
their firewalls to allow NetBIOS traffic through.

Just my 2 cents...
Brian P. McClory MCT, CCI, MCSE, MCP+I, CCA, ETC...
"I'm not an actor, I just play one on TV."