GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Code Red - hacked by chinese worm (https://gfy.com/showthread.php?t=35721)

Midnight 07-19-2001 02:32 PM
Code Red - hacked by chinese worm
 
For any of you running Microsoft IIS servers on NT or Win2K, there is a worm that is spreading throughout the internet at a rapid rate. Any of you that use cashtour saw it the other night.

In order to prevent this, you will need to go to this location and retrieve the patch knowns as:

MS01-33 Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise

You can find the patch here:
http://www.microsoft.com/technet/tre...n/MS01-033.asp

The following information is taken from the Microsoft website and sums up the problem:

~~A security vulnerability results because idq.dll contains an unchecked buffer in a section of code that handles input URLs. An attacker who could establish a web session with a server on which idq.dll is installed could conduct a buffer overrun attack and execute code on the web server. Idq.dll runs in the System context, so exploiting the vulnerability would give the attacker complete control of the server and allow him to take any desired action on it.

The buffer overrun occurs before any indexing functionality is requested. As a result, even though idq.dll is a component of Index Server/Indexing Service, the service would not need to be running in order for an attacker to exploit the vulnerability. As long as the script mapping for .idq or .ida files were present, and the attacker were able to establish a web session, he could exploit the vulnerability. ~~

Regards,




------------------
Midnight
Midnight Ventures Partner Program
Excellence is not an act, but a habit - Aristotle

Crutch 07-19-2001 02:57 PM
I said it once and i'll say it again. My response to Ludedude suits in this thread just fine. http://bbs.gofuckyourself.com/board/smile.gif
http://bbs.gofuckyourself.com/board/...ML/005790.html


Seriously though, great post Midnight http://bbs.gofuckyourself.com/board/smile.gif

DragonAss 07-19-2001 09:14 PM
I just posted a CNet article on about the same thing. The strange part is that I looked (not seached) to see if someone posted it already. Now I see this thread http://bbs.gofuckyourself.com/board/frown.gif.

And to further question my own sanity, I can't find the one I posted originally http://www.plauder-smilies.de/yellows/dozey.gif . (I'm sure now that I typed that, the two threads will appear side by side http://bbs.gofuckyourself.com/board/wink.gif)

(okay... now that I typed that, they won't)

Maybe I need to look for a new line of work http://www.plauder-smilies.de/person/chef.gif .

xxxjay 02-08-2004 08:24 AM
I have been eaten http://www.stormfront.org/forum/


All times are GMT -7. The time now is 12:36 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123