Re: RFP9903: AeDebug vulnerability

From: Stefan Norberg (stnorat_private)
Date: Wed Oct 06 1999 - 14:37:08 PDT

Next message: Enno Rey: "Re: RFP9903: AeDebug vulnerability"

Previous message: 3APA3A: "Re: Time to update those CGIs again"
Maybe in reply to: .rain.forest.puppy.: "RFP9903: AeDebug vulnerability"
Next in thread: Enno Rey: "Re: RFP9903: AeDebug vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> One other thing to consider is that when user processes crash, they can
> sometimes create a user.dmp file, which like UNIX-style core files can
> sometimes contain information useful to an attacker.  There is a way to
> turn this off, but I don't recall what it is at the moment.
>

Run drwtsn32.exe and uncheck "Create Crash Dump File" or just edit the
registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DrWatson\CreateCrashDump = 0

/stefan

Next message: Enno Rey: "Re: RFP9903: AeDebug vulnerability"
Previous message: 3APA3A: "Re: Time to update those CGIs again"
Maybe in reply to: .rain.forest.puppy.: "RFP9903: AeDebug vulnerability"
Next in thread: Enno Rey: "Re: RFP9903: AeDebug vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:06:54 PDT