Bugtraq mailing list archives

Re: Local Security Vulnerability in Windows NT and Windows 2000

From: "Alexander K. Yezhov" <admin () leader ru>
Date: Fri, 29 Mar 2002 23:31:21 +0300

Following upon the letter of Wednesday, March 27, 2002:

AOK> DebPloitFix   assigns   the   new   security  descriptor  to  the
AOK> DbgSsApiPort LPC port so only the local system (SYSTEM user) will
AOK> be able to access this port.

I've  seen  it  installed  on  Citrix Metaframe once. Clients couldn't
connect  to the terminal server after installing this patch. Could you
confirm that DebPloitFix cannot cause such problem ?

Best regards, Alexander                           

-----------------------------------------------------------------------
         MCP+I, MCSE on Windows NT 4, MCSE on Windows 2000
  http://leader.ru http://tools-on.net (Security & Privacy on the Net)
-----------------------------------------------------------------------

Current thread:

Local Security Vulnerability in Windows NT and Windows 2000 Ashot Oganesyan K. (Mar 29)
- Re: Local Security Vulnerability in Windows NT and Windows 2000 Alexander K. Yezhov (Mar 31)