subject: Re: https://rhn.redhat.com/errata/RHSA-2004-051.html
> From: "Geo."
> "Adam Flinton" wrote in message
> news:109399.6238cd{at}harborwebs.com...
>> The problem I have is that "Windows" is a marketing name applied to everything
>> from Windows 1.0 through to WinXP & Win2KS3. It's simply not a single OS but a
>> whole raft of em from a DOS Shell to NT to WinCE. It's like saying that because
>> IBM supports Linux hence they could market AIX,OS400,OS390 & PCDOS as "linux".
>> Linux is an operating system where Windows is a malleable marketing term.
> Directory services is part of W2Kserver and not part of W2Kpro, both
> versions of W2K are simply different distributions of the exact same kernel.
> Only the server distribution would be exploitable by a DS exploit.
> Is it a windows exploit or not?
Is something like this:
http://csdl.computer.org/comp/proceedings/wetice/2002/1748/00/17480145abs.htm
?
I would say that the example you have is a Win2KS vulnerability which may
point to a possible vuln in the win2K kernel.
>> i.e. in the case of MS it's all "Windows" (for marketing terms). However if
>> there is a hole that affects all reasonably modern versions (i.e. those still
>> likely to be in use) then it's a Windows hole. If it affects all the NT
>> versions then it's a Windows NT hole. If it only affects XP then it's an XP
>> hole.
> So you seem to be saying a DS exploit would be a W2Kserver and 2003server
> exploit but not a "windows" exploit. Go tell them that on /.
Windows is a "brand". If I say I don't like the taste of "coca-cola" what am I
talking about? "Classic"? Cherry? Vanilla? Diet?
If I say "Ford Mustangs have a problem with their fuel tank" would I be talking
about every mustang from inception of the brand till now?
>> Take your example & see it from another direction. If it only affects Win2KS & I
>> have XP then I could argue that since I am running Windows & I don't have that
>> vuln then there is no "windows" vuln coz I have "Windows" & yet I don't have a
>> vuln.
> Yes you could argue that, likewise if you and I are running RH with
> different kernel versions and there is an exploit that affects your version
> but not mine then I could claim it's not a RH exploit. I'd be wrong but I
> see the logic you are trying to use.
>> Do I need to patch my Windows system if I'm running XP & it's a DS vuln?
> Nope, you don't have to patch an IIS exploit if you aren't running IIS
> either, and if you don't have SQLserver you don't have to patch that, and if
> you don't have DCOM you don't have to patch that, and if you don't have IE
> (it was optional on NT4) you don't have to patch that, and if you don't have
> OE or NetBIOS or NTFS then you don't have to patch any of those either. SO I
> GUESS THERE ARE VIRTUALLY NO WINDOWS EXPLOITS with the possible exception of
> RPCSS...
The recent NTKernel based OS vuln is an example. If you were running WinDOS
then nullo problemo.
The problem really lies with the vast range of products which MS (for its
own reasons) brands as "Windows" such that the consumer does
think there is only one Windows. i.e. Recently I was in a discussion wrt
migration from "Windows" & I had to stop the people involved
& ask "What windows are we talking about?"
i.e. moving from Win95 to a recent linux is a different experience & has
different driving forces than moving from XP or Win2K. We even found some
Win3.x machines were "in the mix".
e.g. a driver for a lot of the WinDos users is the stability & up to
date drivers & new h/w & proper multi-tasking & a nicer
"more modern" GUI look, support/fixes etc.etc. whereas if someone
has a brand new XP box, most of those are non-issues & yet we were
talking about "Windows". Equally on the server side NT is
"Windows" as is Win2K3. However try upgrading to external USB2
disk with NT4.
Windows is a brand & not an OS.
> That's the logic you are using with this "just linux" line of reasoning.
> That's why I think it's silly to even try to define "OS", it's much more
> relevant to discuss product flaws as flaws in anything that's contained in
> the product. That means if we are talking RH exploits that includes exploits
> for everything in the RH package be it a word processor or a tcp stack, if
> it's part of "RH the product" then it counts.
Yup. I have no problem with that. I do think there are what you could call
"linux" vulns just as there was a Windows vuln with the DCOM hole
where such a vuln is across the line e.g. all linux'es built using a kernel
written in the last x years or every Windows branded MSOS which has DCOM
(i.e. all modern ones).
Adam
--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SOURCE: echomail via fidonet.ozzmosis.com