LLSSRV Redux

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: LLSSRV Redux
From: Dave Aitel <dave@xxxxxxxxxxxxxxx>
Date: Thu, 17 Mar 2005 13:58:54 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Mozilla Thunderbird 0.9 (Windows/20041103)

With regards to the LLSSRV advisory Immunity published yesterday, wewould like to issue a clarification. There are two ways to get SP4 ontoa Windows 2000 Advanced Server machine, as follows:

1. Download SP4 from microsoft.com via networked or express install

2. Obtain and install a Windows 2000 Advanced Server CD or CD image thatincludes SP4. This is available from the MSDN CD packages or onlinedownload site. You may also have obtained such a CD from a vendor orretailer.


The second way is vulnerable; the first way is not.

I.E. This advisory does not apply to Windows 2000 Advanced Server caseswhere Service Pack 4 was installed separately.

We apologize for any confusion and thank those who pointed out thatinstalling SP4 manually will remove the registry key that allows foranonymous remote access.

Reference Image:http://www.immunitysec.com/downloads/win2kadvsrv_withSP4.jpg


Thanks,
Dave Aitel
VP Figureheads and Verbage
Immunity, Inc.

Prev by Date: [USN-98-1] OpenSLP vulnerabilities
Next by Date: Kevin Walsh: LimeWire Gnutella client two vulnerabilities
Previous by thread: [USN-98-1] OpenSLP vulnerabilities
Next by thread: Kevin Walsh: LimeWire Gnutella client two vulnerabilities
Index(es):
- Date
- Thread