From owner-freebsd-chat  Wed Feb  7 15:42:54 2001
Delivered-To: freebsd-chat@freebsd.org
Received: from mailgate.originative.co.uk (mailgate.originative.co.uk [62.232.68.68])
	by hub.freebsd.org (Postfix) with ESMTP id A9C8637B503
	for <chat@freebsd.org>; Wed,  7 Feb 2001 15:42:35 -0800 (PST)
Received: from originative.co.uk (lobster.originative.co.uk [62.232.68.81])
	by mailgate.originative.co.uk (Postfix) with ESMTP id A08781D149
	for <chat@freebsd.org>; Wed,  7 Feb 2001 23:42:34 +0000 (GMT)
Message-ID: <3A81DDC9.EF6D7D84@originative.co.uk>
Date: Wed, 07 Feb 2001 23:44:09 +0000
From: Paul Richards <paul@originative.co.uk>
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: chat@freebsd.org
Subject: Laugh: [Fwd: Microsoft Security Bulletin MS01-008]
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

These always amuse me when I get them, this one's more amusing than
most.

Microsoft Product Security wrote:
> 
> The following is a Security  Bulletin from the Microsoft Product Security
> Notification Service.
> 
> Please do not  reply to this message,  as it was sent  from an unattended
> mailbox.
>                     ********************************
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> - ---------------------------------------------------------------------
> Title:  NTLMSSP Privilege Elevation Vulnerability
> Date:           07 February 2001
> Software:       Windows NT 4.0
> Impact: Privilege Elevation
> Bulletin:       MS01-008
> 
> Microsoft encourages customers to review the Security Bulletin at:
> http://www.microsoft.com/technet/security/bulletin/ms01-008.asp
> - ---------------------------------------------------------------------
> 
> Issue:
> ======
> A flaw in the NTLM Security Support Provider (NTLMSSP) service could
> potentially allow a non-administrative user to gain administrative
> control over the system. In order to perform this attack the user
> would need a valid login account and the ability to execute arbitrary
> code on the system.
> 
> Mitigating Controls:
> ====================
>  - This vulnerability could only be exploited by an attacker
>    who could log onto the affected machine interactively.
> 
>  - Servers could only be affected if the attacker were given the
>    ability to load a program of her choice onto the machine and
>    execute it locally.  Best practices recommend against this.

You've gotta laugh really, a root compromise exists and the mitigating
controls are to not let anyone use the box!

Paul.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message