• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows MSRPC Eventlog Information Disclosure Vulnerability

Microsoft Windows allows remote attackers to disclose the application or system eventlog of an affected computer. This issue may be exploited using hardcoded named pipes allowed for NULL sessions combined with eventlog interface and Microsoft Remote Procedure Call framework (MSRPC).

Information gathered through the exploitation of this issue may aid in other attacks.