Security Incidents: Re: sql 1433

[<dave () immunitysec com>]

In-Reply-To: <200208161742.g7GHgnT32754 () mailserver4 hushmail com>

You missed the hello vulnerability as reported here:
http://www.immunitysec.com/vulnerabilities/

I demoed it during BlackHat along with SPIKE. :>

Did you see a comment from MS about this? 

Likewise, you're probably going to be getting scanned
for the Exchange 2000 vulnerabilities I reported during
the same talk.

Dave Aitel
Immunity, Inc.
http://www.immunitysec.com/



> Subject: sql 1433
> From: loves2party420 () hushmail com
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Anything new i missed?  I saw something from MS last
night but the scanning is getting pretty intense from
all kinds of different IP's
> Thx,
>
> Leon
> -----BEGIN PGP SIGNATURE-----
> Version: Hush 2.1
> Note: This signature can be verified at
https://www.hushtools.com
> wmMEARECACMFAj1dObkcHGxvdmVzMnBhcnR5NDIwQGh1c2htYWlsLmNvbQAKCRA2G5Nw
> C4Twu/DgAJsGO4XaotyBjelaOr6DznVlo/UzjgCfc7kEj7fFwFRJuHRsyvZxmUuX5xk=
> =fCEo
> -----END PGP SIGNATURE-----
>
>
>
>
> Get your free encrypted email at https://www.hushmail.com
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS
analyzer service.
> For more information on this free incident handling,
management 
> and tracking system please see:
http://aris.securityfocus.com
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com