|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[ISN] Hackers Sniffing For Vulnerable Microsoft Servers
From: InfoSec News (isn
c4i.org)
Date: Wed Jan 05 2005 - 06:59:30 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.techweb.com/wire/security/56900363
By TechWeb News
January 04, 2005
A vulnerability within Microsoft's WINS (Windows Internet Naming
Service), a component of popular server software such as Windows
Server 2003, has been heavily exploited since the last day of 2004,
several security organizations reported Tuesday.
Although the vulnerability was patched in mid-December by Microsoft,
the Internet Storm Center and the Research and Education Networking
Information Sharing and Analysis Center (REN-ISAC) at the Indiana
University have seen a drastic increase in the number of probes
directed at WINS services (TCP and UDP ports 42).
"Patching these systems is now overdue," said the SAN Institute's
Internet Storm Center in an online alert.
"Additionally, WINS services probably should not cross your border
router...so block these ports and keep the rif-raf out in case your
local Windows Server Admins have not patched for this," the Center
continued.
The patch for the WINS issue can be found on Microsoft's Web site [1].
[1] http://www.microsoft.com/technet/security/bulletin/MS04-045.mspx
_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]