Hello, BugTraq readers! I have recently started using mIRC's DDE feature, which allows DDE messaging between its instances and other software. At first I was quite pleased with this feature until I thought about the security implications of it under a multi-user system (such as Windows 2000 Professional that I am using). This is what I did: 1) Launched one copy of mIRC with an enabled DDE Server under an Administrative account. 2) Launched another one under a Guest account using the RunAs service. 3) Wrote /dde mIRC command "" /run c:\program files\internet explorer\iexplore.exe in the second (Guest) client. 4) Internet Explrer was launched under the administrative account. This enables different users sharing one machine to overtake each other's accounts if mIRC is running with a DDE Server (this option is enabled by default). I would be grateful if someone tested this with Windows 2000 Terminal Server or Windows XP with Switch User function enabled. Shustrik. mailto:rootat_private
This archive was generated by hypermail 2b30 : Sun Dec 02 2001 - 17:13:35 PST