TIP: Click on subject to list as thread! ANSI
echo: nthelp
to: Rich
from: Ellen K
date: 2003-07-17 17:19:50
subject: Re: MS03-027

I would have expected this to be tested, the test to fail, and the typo to
be found at that time.

> From: "Rich" 
> This is a multi-part message in MIME format.
> ------=_NextPart_000_00F6_01C34BD4.67E9EE80
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> No.  Windows Server 2003 did.  This bug was a simple typo.  I have no =
> idea why the title claims it was an unchecked buffer.  It was a checked =
> buffer but the typo was in the check.
> Rich
> "Geo."  wrote in message
news:3f15e283{at}w3.nls.net...
> didn't xp go thru "a security process like no other"...
> Geo.
> "Geo."  wrote in message =
> news:3f158db5$1{at}w3.nls.net...
>> http://www.microsoft.com/technet/security/bulletin/MS03-027.asp
>> 
>> Unchecked Buffer in Windows Shell Could Enable System Compromise =
> (821557)
>> Originally posted: July 16, 2003
>> Summary
>> Who should read this bulletin: Customers using Microsoft=AE =
> Windows=AE XP
>> Impact of vulnerability: Run code of an attacker's choice
>> Maximum Severity Rating: Important
>> Recommendation: Customers should install the patch at the earliest
>> opportunity.
>> End User Bulletin: An end-user version of this bulletin is available =
> at:
>> http://www.microsoft.com/security/security_bulletins/ms03-027.asp
>> Affected Software: Affected Software:
>> - Microsoft Windows XP
>> Not affected Software:
>> - Microsoft Windows Millennium Edition
>> - Microsoft Windows NT=AE Server 4.0
>> - Microsoft Windows NT=AE 4.0, Terminal Server Edition
>> - Microsoft Windows 2000
>> - Microsoft Windows Server 2003
> ------=_NextPart_000_00F6_01C34BD4.67E9EE80
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> 
>  charset=3Diso-8859-1">
> 
> 
> 
> 
>   
No.  Windows Server =
> 2003=20
> did.  This bug was a simple typo.  I have no idea why the =
> title claims=20
> it was an unchecked buffer.  It was a checked buffer but the typo =
> was in=20
> the check.
>  
> Rich
>  
>  style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
> BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
> "Geo." <
href=3D"georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote=20
> in message  =
>
href=3D"news:3f15e283{at}w3.nls.net">news:3f15e283{at}w3.nls.net...
> didn't xp go thru "a security process like no=20
>
other"...Geo."Geo."
<
href=3D"georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote in =
> message  =
>
href=3D"news:3f158db5$1{at}w3.nls.net">news:3f158db5$1{at}w3.nls.net...=
> >  =
>
href=3D"
>
&g" target="new">http://www.microsoft.com/technet/security/bulletin/MS03-027.asp&g=
> t;>=20
> Unchecked Buffer in Windows Shell Could Enable System Compromise=20
> (821557)> Originally posted: July 16, 2003> =
> Summary> Who=20
> should read this bulletin: Customers using Microsoft=AE Windows=AE =
> XP>=20
> Impact of vulnerability: Run code of an attacker's choice> =
> Maximum=20
> Severity Rating: Important> Recommendation: Customers should =
> install=20
> the patch at the earliest>
opportunity.> End User =
> Bulletin: An=20
> end-user version of this bulletin is available at:>  =
> href=3D"http://www.microsoft.com/security/security_bulletins/ms03-027.asp=
>
">http://www.microsoft.com/security/security_bulletins/ms03-027.asp=
>> >=20
> Affected Software: Affected Software:> - Microsoft Windows =
> XP
> > Not affected Software:> -
Microsoft Windows =
> Millennium=20
> Edition> - Microsoft Windows NT=AE Server
4.0> - =
> Microsoft Windows=20
> NT=AE 4.0, Terminal Server Edition> - Microsoft Windows =
> 2000> -=20
> Microsoft Windows Server
2003

--- BBBS/NT v4.01 Flag-4
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270
@PATH: 379/45 1 633/267

SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.