eEye spots NT security hole
Nearly all Windows NT-based Web servers on the Internet are vulnerable to a newly discovered security breach, according to the eEye Digital Security Team.
The hole could let hackers take control of the server, and in some cases, the network to which it is attached.
eEye officials say they discovered the bug on June 6 when its Retina network security scanning software, succeeded in crashing an NT server.
eEye engineers say the breach could be exploited not only to crash the NT machine, but to take it over completely.
eEye says the company supplied detailed information about the bug to Microsoft on June 8, but a week later, Microsoft had still not published a fix and stopped responding to e-mails about the bug.
eEye has now released not only a description of the hole, but two working demonstration programs that allow anyone to break into an NT server running IIS 4.0. The break-in code appears to work on any server from which a Web page can be retrieved, even if a firewall is present.
The complete story appears at http://www.zdnn.com .
- HP notebook taps 400MHz PII
- Compaq Presario adds Savage4
- AMD answers Intel's 400MHz fire with mobile K6
- MP3 device makers win in court
- IBM offers biggest, smallest hard drives
- Linux on the PowerPC ships
- Gateway rolls out all-in-one flat-panel PCs
- Intel shows off 0.18 micron with new mobile PII
- Sub-$400 PC protects kids online
