Advisory RFP9903
Advisory RFP9903 --------------------------------- rfp.labs ------------

Attacker can execute remote programs under debugger context
(AeDebug vulnerability)

----------------------------------- rain forest puppy / rfp@wiretrip.net
--- Table of contents:

----------------------------------------------------------------------------
October is Octoberfest Advisory month: one rfp.labs release planned each week
-----------------------------------------------------------------------------

----[ 1. Scope of problem

Let me start off with the mechanism has been discussed before. In

\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion

...as well as a key that indicates whether or not to prompt the user to run

\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug\auto

Now, the problem is very simple. First, also by default, the winreg

This means these keys are remotely accessible and allow anyone to

----[ 2. Solution

There has been previous discussion on this type of vulnerability--all

\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\

from the winreg AllowedPaths key, found at:

\HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers

This will prevent remote modification of these keys. Next, remove the Set

That's it. Very simple.
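
The AllowedPaths check from section 2, as an added example that is not part of the original advisory: given an exported list of AllowedPaths entries, it reports which entries leave the AeDebug key remotely reachable and returns the list with them removed. The sample list and function names are constructed for illustration, and it assumes, as the advisory's fix implies, that an entry covers the listed key and all of its subkeys.

```python
# Added example: audit an exported winreg AllowedPaths list for AeDebug exposure.
# Assumption: an entry exposes the listed key and everything beneath it.

AEDEBUG = r"\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug"


def components(path):
    """Split a registry path into lowercase components, dropping the hive name."""
    parts = [p.strip().lower() for p in path.split("\\") if p.strip()]
    if parts and parts[0] in ("hkey_local_machine", "hklm"):
        parts = parts[1:]
    return parts


def covering_entries(allowed_paths, key=AEDEBUG):
    """Return the entries that are the key itself or one of its ancestors."""
    target = components(key)
    hits = []
    for entry in allowed_paths:
        parts = components(entry)
        # Compare whole components so a look-alike sibling key does not match.
        if parts and target[:len(parts)] == parts:
            hits.append(entry)
    return hits


def hardened(allowed_paths, key=AEDEBUG):
    """Return the list with every entry that exposes the key removed."""
    hits = covering_entries(allowed_paths, key)
    return [entry for entry in allowed_paths if entry not in hits]


# Constructed sample list, not taken from a real system.
SAMPLE = [
    r"System\CurrentControlSet\Control\ProductOptions",
    r"Software\Microsoft\Windows NT\CurrentVersion",
    r"Software\Microsoft\Windows NT\CurrentVersionExtra",  # look-alike sibling
    r"System\CurrentControlSet\Services\Eventlog",
]

if __name__ == "__main__":
    for entry in covering_entries(SAMPLE):
        print("exposes AeDebug remotely:", entry)
    print("entries to keep:")
    for entry in hardened(SAMPLE):
        print("  " + entry)
```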

----[ 3. Miscellaneous Updates

- Like I mentioned before, October is Octoberfest Advisory month.

- My website is nearing completion! Many people have been

- Many people have emailed me wondering about the release of version

- You may have noticed no humor, sarcasm, or snide remarks in this

- Why the formal advisory numbering system and format? Well, it's

- Phrack 55 is out--good stuff. www.phrack.com Packetstorm is back.

- Practical application of one of the perl problems I talked about in

--- rain forest puppy / rfp@wiretrip.net ---------------- ADM / wiretrip ---

Support your local security professional. Buy him/her sparcs and ciscos.

--- Advisory RFP9903 --------------------------------- rfp.labs ------------