Re: NT Domain_Create_Alias vulnerability

• To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
• Subject: Re: NT Domain_Create_Alias vulnerability
• From: Jonathan Wayne <jonathan.waynePRUDENTIAL.COM>
• Date: Thu, 28 May 1998 09:00:30 -0400
• Comments: cc: securitylistsHOTMAIL.COM
• Reply-To: Jonathan Wayne <jonathan.waynePRUDENTIAL.COM>
• Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>

Please note the following inaccuracy:

net localgroup /domain will create a local group on the domain in which the
_workstation_ has been registered, not in the user's account domain.

Also, if you have a Premier Account, creatals is available via the MS
ServiceDesk site.

jon



securitylistsHOTMAIL.COM on 05/28/98 12:42:46 AM
Wednesday May 27, 1998 09:42 PM
To:   NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
Subject:  NT Domain_Create_Alias vulnerability





In a recent article from InfoWorld's new Security Watch column on a
rediscovered NT weakness:

"The DOMAIN_CREATE_ALIAS vulnerability allows users with an account on
an NT domain to freely create Local Groups on the domain. Microsoft has
indicated that the purpose of this capability was to simplify security
management. A user can put other users into a group and assign access to
resources based on membership in that group. The command syntax is
simple: net localgroup [groupname] /add /domain. We wrote a simple
QuickBasic program to automate this process to silently create millions
of Local Groups in the space of a few hours, effectively downing the
server and making life miserable for the sysadmin even when corrected."

For the full text of the article and information on Microsoft's
unnoficial patch, see:

http://www.infoworld.com/cgi-bin/displayNew.pl?/security/980518sw.htm

Cheers,
The InfoWorld Security Team

• Prev by Date: NT Domain_Create_Alias vulnerability
• Next by Date: Re: NT Domain_Create_Alias vulnerability
• Prev by thread: NT Domain_Create_Alias vulnerability
• Next by thread: Re: NT Domain_Create_Alias vulnerability
• Index(es):
  • Date
  • Thread