[Dshield] MS05-039 exploits prove that pacthing "window" isgetting shorter and shorter and...

Joel Esler eslerj at gmail.com
Thu Aug 18 11:35:36 GMT 2005


I would like to offer a suggestion to the American public that are
tired of fixing and repairing machines.

Buy an Apple.

Joel

On 8/18/05, Ed Truitt <ed.truitt at etee2k.net> wrote:
> The thought among my collegues is that is network-enabled so that you can auto-configure a network-attached printer or other PNP device.
> 
> However, this is an excellent question to ask MSFT, so I think I may ask them.
> 
> -EdT.
> -----Original Message-----
> From: "John B. Holmblad" <jholmblad at aol.com>
> Date: Wed, 17 Aug 2005 22:46:24
> To:General DShield Discussion List <list at lists.dshield.org>
> Subject: Re: [Dshield] MS05-039 exploits prove that pacthing "window" is
>  getting shorter and shorter and...
> 
> All,
> 
> this worm has given me reason to go back and examine the distinction
> between the PnP service in Microsoft Windows and its "evolutionary
> addition, uPnP, which is installed in Windows XP.  I did a quick check
> and, not surpassingly, all Windows OS's, XP, 2000 Pro, 2000 Server, 2003
> Server, and 2003 SBS have PnP installed as a service and enabled. Only
> WXP has uPnP installed with manual start (at least on the XP system that
> I checked).
> 
> 
> What I do not understand is why the PnP service is even callable from a
> remote session whether it is an authenticated or a null session. To my
> understanding, the PnP service is to support installation of devices on
> the local machine, period so why should it ever accept a network based
> session via SMB in the first place. What am I missing here?
> 
> --
> Best Regards,
> 
> John Holmblad
> 
> Televerage International
> GSEC Gold,GCWN Gold,GGSC-0100,NSA-IAM
> 
> (H) 703 620 0672
> (M) 703 407 2278
> (F) 703 620 5388
> 
> primary email address:     jholmblad at aol.com
> backup email address:      jholmblad at verizon.net
> 
> 
> _______________________________________________
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
> 
> Cheers,
> -E D Truitt
> 
> Sent via my BlackBerry from Cingular Wireless
> 
> _______________________________________________
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
>



More information about the list mailing list