Full Disclosure mailing list archives
Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Wed, 18 Feb 2004 20:04:47 -0800
Last time I was at my doctor's medical clinic, I noticed all the shiny new LCD monitors showing the Windows logon prompt with account Administrator. I asked the receptionist why. She said so that anyone could sing on any machine when they needed it, since individual machines lock out so only signed user or administrator can sign on. They did have the screensaver timeout so people off the street couldn't sign on. But the only way to make the multiple workstations usable from for anybody was to use administrator account on all of them. This is a bit of a design flaw in the Windows network that means security is much less than it ought to be.
my question is... who is the admin / security manager for this locale? again, this is not a windows issue, it is an administrator issue in which the controlling admin of the network is clueless as to how to manage a flexible win-net. Donnie Werner dwerner () exploitlabs com http://exploitlabs.com 360-312-8011 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution, (continued)
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution gabriel rosenkoetter (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Dave Sherohman (Feb 18)
- RE: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Steve Wray (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Tim (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution gabriel rosenkoetter (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Tim (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution insecure (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Bill Royds (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Phil Brutsche (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Paul Schmehl (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution morning_wood (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Paul Schmehl (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Byron Copeland (Feb 18)
- Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution morning_wood (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Shawn K. Hall (RA/Security) (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution CHS (Feb 18)
- RE: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Byron Copeland (Feb 18)
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution madsaxon (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Brent J. Nordquist (Feb 18)
- Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Jorrit Kronjee (Feb 19)
- Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution Cael Abal (Feb 18)