Bugtraq mailing list archives
Re: NT security et al (Dangers of NetBIOS/NBT?)
From: jacob () esisys com (Jacob Langseth)
Date: Fri, 27 Sep 1996 16:18:31 -0400
o Windows 3.11 has share bugs microsoft will never apparently fix, whereby any share allows the whole disk to be accessed by using a ../../.. type construct and the smbfs client code.
Well, there is actually a fix available for Windows 3.11. Take a look at <http://www.microsoft.com/kb/peropsys/windows/q136418.htm> While we're on the subject of NT network pet peeves (aka NetBios gotchas), here's some more: ppl can view full process lists from remote (via pview's connect feature) (pview.exe is included w/ MSVC++). ppl can read portions of the registry remotely (via regedt32.exe). This can be REALLY BAD for NT workstations configured to use auto-logon, as people usually forget to remove read permission from the WinLogon entry (which keeps the auto-logon password stored in cleartext). ppl can read Application and Event logs remotely (w/ eventvwr.exe) Is it just me, or is the entire principle of releasing this kind of information (logs, processes, registry info), w/o explicit permission from the administrator, completely flawed? Anyone know how to disable these 'features'? JwL -- Jacob Langseth -=-finger for PGP key-=- Enhanced Systems, Inc. email: jacob () esisys com 6961 PeachTree Ind Blvd voice: (770) 662-1504 ext. 684 Norcross, GA 30092 fax: (770) 662-1537
Current thread:
- Re: NT security et al (Dangers of NetBIOS/NBT?) Nick and Debbie Leask (Sep 26)
- Re: NT security et al (Dangers of NetBIOS/NBT?) Alan Cox (Sep 27)
- <Possible follow-ups>
- Re: NT security et al (Dangers of NetBIOS/NBT?) Jacob Langseth (Sep 27)
- Re: NT security et al (Dangers of NetBIOS/NBT?) Dan Shearer (Sep 27)
- Re: NT security et al (Dangers of NetBIOS/NBT?) Scriptors of DOOM (Sep 27)