Bugtraq mailing list archives
Re: ... Tiny Personal Firewall ...
From: Scott Nursten <scottn () s2s ltd uk>
Date: Fri, 01 Mar 2002 16:55:40 +0000
Not being au fiat with Windows programming etc., I was wondering if this was standard practice? Surely if the workstation is locked it's supposed to stop all I/O? Isn't this also an OS related bug? No flames please, it's just a question. :) Regards, Scott -- On 28/2/02 2:53 pm, "Andrew Barkley" <andrew.barkley () usa net> wrote:
Hi ... Scanning hosts running the Tiny Personal Firewall (2.0.15a) on W2K workstations that have been locked (ctl + alt + del) The popup alert/dialogue jumps to the foreground, thus open to accept permit/deny input from the local console, even when the workstations are locked (ctl + alt + del). Thus an untrusted individual whom has local access to individuals workstations can scan a workstation/network, wait for the popup alert dialogue and enter "permit" on unattended (locked workstations) without the owners permission/knowledge, No need to first unlock (ctl + alt + del) ... CHEERS ...
Current thread:
- ... Tiny Personal Firewall ... Andrew Barkley (Feb 28)
- Re: ... Tiny Personal Firewall ... Maher Odeh (Mar 01)
- Re: ... Tiny Personal Firewall ... Scott Nursten (Mar 05)
- Re: ... Tiny Personal Firewall ... Dave Ahmad (Mar 04)
- Re: ... Tiny Personal Firewall ... Tom Geldner (Mar 05)
- Re: Tiny Personal Firewall elfs (Mar 05)
- Re: ... Tiny Personal Firewall ... J.Brown (Ender/Amigo) (Mar 06)
- Re: ... Tiny Personal Firewall ... Dave Ahmad (Mar 04)