> Carefully read the subtext in his note. He would like an exploit if > possible (or at least that's his claim) so that he can prove to someone > else that yes, it DOES need to be patched, right now. I.e. he's got a > boss with pointy hair that isn't cooperating. > > You don't have to believe his story. Having dealt with many bosses (my > own, or someone else's) exactly like that, I'm willing to entertain his > story. > > Calling the admin who wants to apply the patch, but isn't allowed to > without jumping through hoops, lazy or stupid doesn't help anyone.
Uhm, if his boss is that way to an admin that's asked to secure a box/set of computers I personally wouldn't work there. There is too much on my head then. Your boss should respect what you say and what you know and allow you to do your job instead of wanting to do it himself. Anyhow, I personally don't want a DCOM For nix... Since I know of a LOT of boxes that haven't been patched yet. There is really no need for a 'box and shipped' version of the vuln. There is a whitepaper out... Go read it and figure it out yourself. Moo~ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
