Home page logo
/

bugtraq logo Bugtraq mailing list archives

[NTSEC] DoS attack in MS - Proxy 2.0
From: jasong () MICROSOFT COM (Jason Garms)
Date: Thu, 15 Oct 1998 11:23:50 -0700


Just to follow-up on some recent threads on on Microsoft Proxy Server:

On October 8 & 9, 1998, two emails were posted by mnemonix () globalnet co uk
who indicated two possible new security attacks against Microsoft Proxy
Server.

We've worked in our labs and with the assistance of Mnemonix in an attempt
to reproduce the reported security issues. There were two specific scenarios
reported and both have been researched and tested. In spite of the effort
and help from the Mnemonix we've been unable to reproduce the stated
security breaches with a properly configured Microsoft Proxy Server.

At this time, we have no reason to believe that customers have any risk
associated with the reported attack method.  None-the-less, we will continue
research with Mnemonix until we can fully explain the observed behavior
reported.

We take these kinds of reports very seriously and we'll continue to track
any new developments.

Thanks,
-JasonG

Jason Garms
Product Manager
Windows NT Security
Microsoft Corporation

JasonG () Microsoft Com



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault