Re: NT WinLogon VM contains plaintext password visible in admin

From: Chris Paget (mad.nutterat_private)
Date: Wed Dec 08 1999 - 03:01:38 PST

Next message: Renaud Deraison: "Re: FTP denial of service attack"

Previous message: David LeBlanc: "Re: NT WinLogon VM contains plaintext password visible in admin"
Next in thread: Chris Paget: "Re: NT WinLogon VM contains plaintext password visible in admin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>I contacted MS about this and they indicated it was fixed in
>NT 4.0 SP5 - I have not retested it on SP5 yet to be sure.  

This has been fixed under NT4 SP6 - the first 10,000 bytes of the
winlogon process are not accessible, and the rest of the memory space
appears to have nothing interesting in it - all I managed to retrieve
were actual environment variables.  Windows 2000 RC2 is the same - I
have not tested RC3, but I would assume it too is fixed.

Chris

-- 
Chris Paget
C++ Developer - NetInvest LTD.

chris.pagetat_private

Next message: Renaud Deraison: "Re: FTP denial of service attack"
Previous message: David LeBlanc: "Re: NT WinLogon VM contains plaintext password visible in admin"
Next in thread: Chris Paget: "Re: NT WinLogon VM contains plaintext password visible in admin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:19:04 PDT