Bugtraq mailing list archives

Re: Samba Remote Zero-Day Exploit

From: Dan Kaminsky <dan () doxpara com>
Date: Sat, 6 Feb 2010 17:30:08 -0500

On Feb 6, 2010, at 5:26 PM, "Stefan Kanthak" <stefan.kanthak () nexgo de>wrote:

Dan Kaminsky wrote on February 06, 2010 6:43 PM:

You need admin rights to create junctions.


OUCH!
No, creating junctions (as well as the Vista introduced symlinks)
DOESN'T need admin rights!

[snip]


Really?  Try. Especially remotely over SMB w/o remote interactive.

Stefan

Current thread:

Re: Samba Remote Zero-Day Exploit, (continued)
- - - Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
- Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
  - RE: Samba Remote Zero-Day Exploit David Jacoby (Feb 09)
- Re: Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
  - Message not available
    - Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 08)
    - RE: Samba Remote Zero-Day Exploit Michael Wojcik (Feb 08)
    - Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 09)
    - RE: Samba Remote Zero-Day Exploit Michael Wojcik (Feb 09)
    - Re: Samba Remote Zero-Day Exploit Dan Kaminsky (Feb 08)
    - Re: Samba Remote Zero-Day Exploit Stefan Kanthak (Feb 08)
    - Re: Samba Remote Zero-Day Exploit Dan Kaminsky (Feb 08)
  - Re: [Full-disclosure] Samba Remote Zero-Day Exploit Thierry Zoller (Feb 08)
    - Re: [Full-disclosure] Samba Remote Zero-Day Exploit paul . szabo (Feb 08)
    - Re: [Full-disclosure] Samba Remote Zero-Day Exploit Krzysztof Halasa (Feb 09)