Bugtraq mailing list archives
New Security Vulnerability in WinNT
From: stervino () INFO ENSERB U-BORDEAUX FR (Alexandre Stervinou)
Date: Sat, 13 Mar 1999 00:32:19 +0100
A new security vulnerability in Windows NT4 has been released, I was just surfin' on http://www.cybermedia.co.in/, when I saw this: <quote> CSPL has uncovered most serious Case Sensitivity vulnerability in Microsoft's Windows NT operating system. This security hole allows you to get "Administrator" access on a machine while logged in as "guest" or any ordinary user [...] Description: Using the permissions on the "\??" object directory and by exploiting the case sensitivity of object manager it is possible to trojan any system executables. </quote> -- Alexandre Stervinou mailto:stervino () info enserb u-bordeaux fr
Current thread:
- Re: Digital Unix 4 protected password database. Darren J Moffat - Enterprise Services OS Product Support Group (Mar 10)
- <Possible follow-ups>
- Re: Digital Unix 4 protected password database. der Mouse (Mar 10)
- New Security Vulnerability in WinNT Alexandre Stervinou (Mar 12)
- Re: Digital Unix 4 protected password database. Tim Pierce (Mar 12)
- Re: Digital Unix 4 protected password database. Nate Lawson (Mar 12)
- Re: Digital Unix 4 protected password database. Alec Muffett (Mar 15)
- Re: Digital Unix 4 protected password database. Alec Muffett (Mar 16)