Vulnerability Development mailing list archives

NT 4.0 (Workstation) Logon Authentication Vulnerability

From: jhw1970 () HOTMAIL COM (jhw1970 () HOTMAIL COM)
Date: Tue, 14 Mar 2000 13:19:06 -0000


Scenario:  User logon to WinNT domain.

Problem:  I believe WinNT may cache user passwords.  This
allows a user to disconnect a terminal from the network and
login to the workstation locally without being
authenticated by the PDC or BDC.

Vulnerability:  A malicious user may disconnect a machine
from the network and add/remove software without being
audited by the PDC/BDC.  Also, a user who has been deleted
from the domain users list may still have access to a
machine which he/she had used in the past.

Current thread:

Re: spoofing the ethernet address, (continued)
- - Re: spoofing the ethernet address Ex Machina [xm] (Mar 06)
- Re: spoofing the ethernet address Buhrmaster, Gary (Mar 06)
- Re: spoofing the ethernet address Pauli Ojanpera (Mar 06)
  - Re: spoofing the ethernet address Ex Machina [xm] (Mar 07)
    - Re: spoofing the ethernet address Dimitrios Petropoulos x9234 Singer / 4 (Mar 08)
    - [Q] CORBA, IIOP Simon Tamás (Mar 08)
    - Unwanted automagic processing (Was: Re: [Q] CORBA, IIOP) Mikael Olsson (Mar 09)
    - Re: Unwanted automagic processing (Was: Re: [Q] CORBA, IIOP) Nicolas Justin (Mar 10)
    - Re: Unwanted automagic processing (Was: Re: [Q] CORBA, IIOP) Liviu Daia (Mar 10)
    - MS Frontpage shtml.dll Path Leak Vulnerability Greg (Mar 12)
    - NT 4.0 (Workstation) Logon Authentication Vulnerability jhw1970 () HOTMAIL COM (Mar 14)
    - Re: NT 4.0 (Workstation) Logon Authentication Vulnerability Phil Cox (Mar 14)
    - Re: NT 4.0 (Workstation) Logon Authentication Vulnerability Maxime Rousseau (Mar 15)
    - Re: MS Frontpage shtml.dll Path Leak Vulnerability Marc (Mar 14)
    - Re: Unwanted automagic processing (Was: Re: [Q] CORBA, IIOP) Simon Tamás (Mar 13)
    - (another) MS Outlook hole in embedded metafiles? Michael Wojcik (Mar 08)
    - Re: spoofing the ethernet address Pavel Kankovsky (Mar 09)
    - Extending the FTP "ALG" vulnerability to any FTP client Mikael Olsson (Mar 10)
    - DoS in ArGoSoft FTP Server, Version 1.04 (1.0.4.4) for win* Knud Erik Hřjgaard (Feb 11)
    - Re: Extending the FTP "ALG" vulnerability to any FTP client Dug Song (Mar 11)
    - Security auditing of network infrastructure Martin M Samson (Mar 11)

(Thread continues...)