Not sure if this is known or not but I did not find anything about it on novell.com, securityfocus.com and after doing a websearch on google with some keywords about it. I don't have the resources to test this "bug" on other versions. And i`m not even sure if this classifies as bug but it could give unrestricted access on win95/98 (maybe more?) machine's without logging in properly or at all even. This was on a windows 95 machine running novell netware client. When you boot the machine you get the novell netware login screen. Here you are supposed to enter login and password to go into windows. But if you pause the mouse over certain area's of the login window you get the "alt" text "What is this?" and when you select it, Windows help opens. From there you can use the File -> Open menu and select type files as *.* and open any file you want. We found this out today but did not give much more attention to it because it was after five o'clock and our weekend already started ;-) So that's why I can't give you the specific version of novell netware because I don't remember, but I did do some quick research to see if this was known or not and couldn't find anything about it. Last time I posted something I thought was a bug to this list it wasn't my intention to post it as a I-am-sure-i-found-a-bug mail and after some research and testing it was not a bug afterall and it got removed from the vuln. Page, that's why i`d like some feedback first. I know at least some people are able to reproduce this because our configurarion is commonly used. I'm just trying to find out which versions of netware and windows are affected by this. I also thought about if this is a novell netware bug or a windows bug, but if you write this sort of network software, especially the loginscreen, I guess it's novell netware's responsibility. Hoping for lots of feedback Philip Wagenaar
This archive was generated by hypermail 2b30 : Fri Jan 11 2002 - 15:41:58 PST