Vulnerability: Exchange 2000 enables remote registry access

IDG News Service staff IDG News Service staff (Computerworld)
Comments

The Exchange 2000 System Attendant incorrectly gives 'everyone' access to the Winreg registry key, which would allow a remote attacker to access the registry via SMB/NetBIOS. Exploitation depends on the permissions of the various subkeys.

FAQ and patch:

http://www.microsoft.com/technet/security/bulletin/MS02-003.asp

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Microsoft

Show Comments
[]