New Security Vulnerability in WinNT

From: Alexandre Stervinou (stervinoat_private-BORDEAUX.FR)
Date: Fri Mar 12 1999 - 15:32:19 PST

Next message: Taral: "Re: Bug in IRC services"

Previous message: Tim Pierce: "Re: Digital Unix 4 protected password database."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A new security vulnerability in Windows NT4 has been released, I was
just surfin' on http://www.cybermedia.co.in/, when I saw this:

<quote>

 CSPL has uncovered most serious Case Sensitivity vulnerability in
Microsoft's Windows NT operating  system. This security hole allows you
to get "Administrator" access on a machine while logged in as "guest" or
any ordinary user

[...]

Description:
 Using the permissions on the "\??" object directory and by exploiting
the case sensitivity of object manager it is possible to trojan any
system executables.

</quote>

--
                 Alexandre Stervinou
       mailto:stervinoat_private-bordeaux.fr

Next message: Taral: "Re: Bug in IRC services"
Previous message: Tim Pierce: "Re: Digital Unix 4 protected password database."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:55 PDT