|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
NT System Policy Security Breac
Subject: NT System Policy Security Breac
From: Adam L. Simms (adamls
SYNAPSIS.COM)
Date: Thu Dec 16 1999 - 11:28:36 CST
- Next message: Ussr Labs: "Remote D.o.S Attack in DNS PRO v5.7 WinNT From FBLI Software Vulnerability"
- Previous message: Weld Pond: "Re: Alert: W32.NewApt.Worm being sent to NTBugtraq subscribers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
After disabling the File Drop Down with NT System Policies, I found found
that by opening up a application via OLE, i.e. Winword, I again have the
ability to
access the File Drop down menu. Once I did this, I was able to write a
macro into my Word *.doc file, and execute any command. I was able to gain
registry access as well as access User Manager and Domain Administration
access. The user that was logged on had User Only Rights. This occured on
both NT 4.0 and NT TS 4.0.
How can this be corrected?
- Next message: Ussr Labs: "Remote D.o.S Attack in DNS PRO v5.7 WinNT From FBLI Software Vulnerability"
- Previous message: Weld Pond: "Re: Alert: W32.NewApt.Worm being sent to NTBugtraq subscribers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Fri Dec 17 1999 - 11:35:46 CST