Bugtraq mailing list archives
Re: RFP9903: AeDebug vulnerability
From: stnor () SWEDEN HP COM (Stefan Norberg)
Date: Wed, 6 Oct 1999 23:37:08 +0200
One other thing to consider is that when user processes crash, they can sometimes create a user.dmp file, which like UNIX-style core files can sometimes contain information useful to an attacker. There is a way to turn this off, but I don't recall what it is at the moment.
Run drwtsn32.exe and uncheck "Create Crash Dump File" or just edit the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DrWatson\CreateCrashDump = 0 /stefan
Current thread:
- Re: RFP9903: AeDebug vulnerability David LeBlanc (Oct 03)
- Re: RFP9903: AeDebug vulnerability .rain.forest.puppy. (Oct 03)
- Re: RFP9903: AeDebug vulnerability Pete Deuel (Oct 05)
- NetScreen Brain-deadness... Ash (Oct 05)
- RH6.0 local/remote command execution Neezam Haniff (Oct 06)
- Re: RH6.0 local/remote command execution D (Oct 08)
- tcpdump under RedHat 6.1 Renaud Deraison (Oct 09)
- Re: NetScreen Brain-deadness... Dave McPike (Oct 06)
- RH6.0 local/remote command execution Neezam Haniff (Oct 06)
- Re: RFP9903: AeDebug vulnerability Stefan Norberg (Oct 06)
- <Possible follow-ups>
- Re: RFP9903: AeDebug vulnerability Todd Sabin (Oct 05)
- Re: RFP9903: AeDebug vulnerability David LeBlanc (Oct 05)
- Re: RFP9903: AeDebug vulnerability Joe Melhado (Oct 06)
- Re: RFP9903: AeDebug vulnerability Enno Rey (Oct 07)