Bugtraq mailing list archives
[NTSEC] ALERT - NT security flaw announcement
From: aleph1 () DFW NET (Aleph One)
Date: Fri, 18 Apr 1997 17:27:41 -0500
April 18, 1997
Announcement
MWC, Inc.- NTsecurity.com would like to inform Internet Community that
MWC, Inc. has discovered a security flaw ("RedButton Bug") in Microsoft
Windows NT v 3.5x, 4.0. The
security problem affects the majority of NT based networks.
The "RedButton Bug" enables a remote user to get unauthorized access to
a part of the NT system including registry and file system. The "RedButton"
utility, which is available for download at
http://www.NTsecurity.com/RedButton/ demonstrates the possibility of such
an access:
* It logs on remotely on a Target computer without presenting any User
Name and Password
* gains access to some of the resources available to Everyone
* determines the current name of Built-in Administrator account (thus
demonstrating that it is useless to rename it)
* reads several registry entries (i.e. displays the name of a Registered
Owner)
* lists all shares (including the hidden ones)
Microsoft has already been notified about this flaw.
MWC, Inc - NTsecurity.com
Network Security Team
Current thread:
- Sendmail Vulnerability. Alan Brown (Apr 14)
- TcpWrappers and Sendmail Neil Harkins (Apr 15)
- Handy change I made in ltread.c Nathan D. Faber (Apr 15)
- NIS+ and signed directory objects Sun Security Coordination (Apr 15)
- Update on PHP/FI hole Shamanski (Apr 16)
- Buffer overflow in sperl5.003 Murphy (Apr 17)
- Re: Buffer overflow in sperl5.003 David Luyer (Apr 17)
- Re: Buffer overflow in sperl5.003 Jon Lewis (Apr 19)
- [NTSEC] ALERT - NT security flaw announcement Aleph One (Apr 18)
- Beta testers wanted for new security tool! Alfred Huger (Apr 18)
- IRIX 6.x /cgi-bin/wrap bug J.A. Gutierrez (Apr 19)
- Re: Buffer overflow in sperl5.003 David Luyer (Apr 17)
- PHP/FI command line buffer overflow David Sacerdote (Apr 17)
- Sun Security Bulletin #00138 Aleph One (Apr 17)