[unisog] Heads up! distributed scans and attacks targeting nsiss.dll

Bradley Ellis Bradley.Ellis at its.monash.edu.au
Fri Aug 8 06:08:30 GMT 2003

Hi All,

> No, we did not get any systems compromised (I'd like to believe that
> this is because all our admins have applied MS03-018, but I guess I'd be
> deluding myself ;)

Maybe this is actually MS03-022:
"Flaw in ISAPI Extension for Windows Media Services Could Cause Code 
Execution". It refers to nsiislog.dll.

While I'd love to think our admins patched things, and to be honest a 
lot do, which is great ! I'm assuming that like you, the lack of affect 
is due to this component not installed by default, after all it only 
takes one machine to make a very interesting afternoon.

Bradley Ellis
IT Security Officer, Infrastructure Services
Information Technology Services, Monash University - Clayton

More information about the unisog mailing list