Release Date:
August 11, 2004
Severity:
Medium
Vendor:
Internet Security Systems
Software:
BlackIce Server Protect 3.6cno and below
Remote:
Remotely Executable from Local and Trusted Networks
Vulnerabilities:
Unpriviledged User Attack
Technical Details:
Unpriviledged User Attack was originall
Release Date:
August 11, 2004
Severity:
Medium
Vendor:
Internet Security Systems
Software:
BlackIce Server Protect 3.6cno and below
Remote:
Remotely Executable from Local and Trusted Networks
Vulnerabilities:
Unpriviledged User Attack
Technical Details:
Unpriviledged User Attack was originall
The fact that the .ini files are Everyone Full control was pointed out
by us when we released SRT2004-01-17-0227
-http://lists.netsys.com/pipermail/full-disclosure/2004-January/016290.html
ISS said something along the lines of Windows is not commonly deployed
as a multi-user system and ... thus
