Re: RDISK registry enumeration file vulnerability in Windows NT

From: Andy Polyakov (approat_private)
Date: Mon Jan 24 2000 - 07:26:46 PST

Next message: Theo de Raadt: "Re: usual iploggers miss some variable stealth scans"

Previous message: iv0: "Re: remote root qmail-pop with vpopmail advisory and exploit with"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> There exist a vulnerability in rdisk which causes the contents of the
> registry hives to be exposed to Everyone during updating of the repair info.
Which can be trivially fixed by revoking Everyone's ACE from
%SystemRoot%\repair. What's the fuzz? There're more serious holes in
default ACLs... Andy.

Next message: Theo de Raadt: "Re: usual iploggers miss some variable stealth scans"
Previous message: iv0: "Re: remote root qmail-pop with vpopmail advisory and exploit with"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:31:06 PDT