andydis
Mar 5 2004, 09:51 PM
hey guys,
i dont ask for much but have been doing some pen testing recently on my servers and found that nearly always it comes back with MS02-028 is open to attack.
does anybody have code for this cuz its abit old and just wanna test it, or did eeeye keep it privateż
thanx in advance,
also any infomation on port 47624 (Direct play server)???? would be greatly appreciated.
cheers
Diz
tweakz20
Mar 5 2004, 10:01 PM
just do a microsoft search, they have fixes for just about anything...
| CODE |
| http://www.microsoft.com/technet/security/bulletin/MS02-028.asp |
That's the official bulletin... and should help unless I misunderstood the question...
SgtRush
Mar 5 2004, 10:05 PM
This from microsoft. This is 2 years old and the solution is to update to the latest SP. Surely you have updated your servers in the last 2 years. This fix was included in 2000 sp2.
http://support.microsoft.com/default.aspx?...kb;en-us;321599Just out of curiosity are you using Nessus? Nessus will pick this up even if its patched. It is still a great idea to run the iis lockdown tool and remove this false positive.
andydis
Mar 5 2004, 10:57 PM
hello yea got sp4 mate for 2000 server, just wanted the exploit code to double check,
i thought it was gna be a false positive thing becuase of the age, sup[pose i just wanted to check,
iis lockdown isnt abad idea suppose :-)
thnx
btw i did gooogle but found no code 4 it
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
