funsec mailing list archives
Fwd: Third-party application developers and the WMF flaw
From: Col <colweb () gmail com>
Date: Mon, 16 Jan 2006 16:18:45 +0000
On 16/01/06, Richard M. Smith <rms () computerbytesman com> wrote: <snip>
Are there other security issues in the Windows operating system that need the attention of application developers that Microsoft is not informing developers about?
I would have to say theres quite a few things MS know about and arent telling. I have had a consultant brag about being able to compromise our whole root AD domain using basic techniques and no tools. All he needed was phyisical or RDP access to a DC (in the child domain) using a non-privilaged account. He commented "how else do we support a customer that has locked themselves out of their domains?" Makes you worry. Col. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Third-party application developers and the WMF flaw Richard M. Smith (Jan 16)
- Message not available
- Fwd: Third-party application developers and the WMF flaw Col (Jan 16)
- Re: Third-party application developers and the WMF flaw TheGesus (Jan 16)
- Re: Fwd: Third-party application developers and the WMF flaw Florian Weimer (Jan 17)
- Re: Fwd: Third-party application developers and the WMF flaw Col (Jan 18)
- Fwd: Third-party application developers and the WMF flaw Col (Jan 16)
- Message not available
- Re: Third-party application developers and the WMF flaw Gadi Evron (Jan 17)
- Infecting OEM Images Larry Seltzer (Jan 19)
- RE: Infecting OEM Images Richard M. Smith (Jan 19)
- Re: Infecting OEM Images Pierre Vandevenne (Jan 19)