Bugtraq mailing list archives

Re: NT Login Default Folder Vulnerability

From: dim () XS4ALL NL (Dimitry Andric)
Date: Wed, 7 Jul 1999 12:02:30 +0200


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06-07-99 at 11:56 Ben Greenbaum wrote:

When a user logs into an NT machine, there are a few processes that

are

started automatically, including explorer.exe. These programs are

normally

in %winroot% or %winroot%\system32. The problem is that NT will look

for

these programs first in the user's home directory.


This is ultimately caused by the fact that in MS-DOS, Windows and NT,
"." has always implicitly been the first entry in the PATH. And when
NT starts up an executable, the current directory is initially set to
the user's home directory...

Cheers,
/Dim
- --
Dimitry Andric <dim () xs4all nl>
PGP key: http://www.xs4all.nl/~dim/dim.asc
KeyID: 4096/1024-0x2E2096A3
Fingerprint: 7AB4 62D2 CE35 FC6D 4239  4FCD B05E A30A 2E20 96A3

-----BEGIN PGP SIGNATURE-----
Version: Encrypted with PGP Plugin for Calypso
Comment: http://www.gn.apc.org/duncan/stoa_cover.htm

iQA/AwUBN4MXn7BeowouIJajEQKJtQCfTelelgKHbOwhMydvy/bJM5Q3ZNkAn2vE
f/Xrss1EciwP1LRol91++GDi
=DEs4
-----END PGP SIGNATURE-----

Current thread:

NT Login Default Folder Vulnerability Ben Greenbaum (Jul 06)
- Re: NT Login Default Folder Vulnerability wazza () ARO EE CIT AC NZ (Jul 06)
- Re: NT Login Default Folder Vulnerability Dimitry Andric (Jul 07)
- <Possible follow-ups>
- Re: NT Login Default Folder Vulnerability Russ (Jul 06)