Re: NT Login Default Folder Vulnerability

Dimitry Andric (dimXS4ALL.NL)
Wed, 7 Jul 1999 12:02:30 +0200

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Pavel Ahafonau: "Re: L0pht 'Domino' Vulnerability is alive and well"
• Previous message: Paul Leach: "MS Chap v2 analysis"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06-07-99 at 11:56 Ben Greenbaum wrote:

>When a user logs into an NT machine, there are a few processes that
are
>started automatically, including explorer.exe. These programs are
normally
>in %winroot% or %winroot%\system32. The problem is that NT will look
for
>these programs first in the user's home directory.

This is ultimately caused by the fact that in MS-DOS, Windows and NT,
"." has always implicitly been the first entry in the PATH. And when
NT starts up an executable, the current directory is initially set to
the user's home directory...

Cheers,
/Dim
- --
Dimitry Andric <dimxs4all.nl>
PGP key: http://www.xs4all.nl/~dim/dim.asc
KeyID: 4096/1024-0x2E2096A3
Fingerprint: 7AB4 62D2 CE35 FC6D 4239 4FCD B05E A30A 2E20 96A3

-----BEGIN PGP SIGNATURE-----
Version: Encrypted with PGP Plugin for Calypso
Comment: http://www.gn.apc.org/duncan/stoa_cover.htm

iQA/AwUBN4MXn7BeowouIJajEQKJtQCfTelelgKHbOwhMydvy/bJM5Q3ZNkAn2vE
f/Xrss1EciwP1LRol91++GDi
=DEs4
-----END PGP SIGNATURE-----

• Next message: Pavel Ahafonau: "Re: L0pht 'Domino' Vulnerability is alive and well"
• Previous message: Paul Leach: "MS Chap v2 analysis"

This archive was generated by hypermail 2.0b3 on Tue Jul 06 1999 - 18:38:18 CDT