Top 10 Security Threats for Windows 2000 and Windows NT
Source: Xatrix
L33tdawg: NT more secure than Linux eh? Check this out.
Some appreciated world security experts realesed "Top 10 Security Threats" for Windows 2000 and Windows NT. First place was reserved for IIS RDS vulnerability, which especially was popular by Eastern European hackers to break into over 40 banks in the United States and around the world...
1. -IIS RDS vulnerability- First place was reserved for IIS RDS vulnerability, which especially was popular by Eastern European hackers to break into over 40 banks in the United States and around the world...Many installations of Windows NT with IIS 4 and the NT Option Pack include the Microsoft Data Access Components (MDAC).These components contain vulnerabilities which can be exploited via IIS, and which allow a remote attacker to run commands with full system privileges.This vulnerability has been and continues to be widely exploited on the Internet.
2. -IIS Unicode vulnerability- The Windows NT and 2000 IIS server contains a vulnerability that may allow an attacker to execute arbitrary commands on the server. The commands are run with relatively weak permissions, but once on the server, there are a variety of methods of gaining additional privileges. By sending an IIS server a carefully constructed URL containing an invalid Unicode UTF-8 sequence an attacker can force the server to literally ‘walk up and out’ of a directory and execute arbitrary scripts. This type of attack is also known as the directory traversal attack.