Sorry for the added traffic but there was a typo in the original advisory. The offending line in the ISS.ACCESS file should have looked like this; [\Roles\KeyAdministrator\starscream_skank\]; I dropped the r. my bad... -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I don't intend to offend, I offend with my intent" hellNbak@nmrc.org http://www.nmrc.org/~hellnbak -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ---------- Forwarded message ---------- Date: Wed, 20 Mar 2002 18:32:40 -0500 (EST) From: weasel@www.nmrc.org To: hellNbak <hellnbak@nmrc.org> Cc: nmrcfolk@nmrc.org Subject: Re: NMRC Advisory - KeyManager Issue in IS > [\Roles\KeyAdministrato\starscream_skank\]; Did you commit a typo and leave an 'r' out of "KeyAdministrator"? If not, does the incomplete role name in fact break the possiblility of exploit?
