Full Disclosure mailing list archives
RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access
From: "Michael Scheidell" <scheidell () secnap net>
Date: Sat, 18 Sep 2004 11:39:56 -0400
XP HOME??? I am not talking about XP home. -----Original Message----- From: Shawn McMahon [mailto:smcmahon () eiv com] Sent: Saturday, September 18, 2004 10:07 AM To: Michael Wilson, Contractor Cc: Chris Norton; Michael Scheidell; bugtraq () securityfocus com; vulnwatch () vulnwatch org; full-disclosure () lists netsys com; vuln () security-corporation com; security-alert () austin ibm com; cert () us ibm com Subject: Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access On Fri, Sep 17, 2004 at 03:08:34PM -0500, Michael Wilson, Contractor said:
It is most likely the Vendor Install Customization that has caused
this
issue, as true enough, most vendor installs force you to pick an administrator password before using the system. If the account is
hidden,
then it is definitely IBM's doing as I have never seen a Windows
install
where the administrator account could not be seen under the accounts
tab. Averatec laptop installs of XP Home have it hidden; you have to boot in Safe Mode to add a password. The documentation that specifies this is a Microsoft product, so I suspect it's the same with other installs of Home, but I have only left the packaged install of XP Home on one machine ever, so I am not at all sure of this. -- Shawn McMahon | Let's set the record straight. There is no argument EIV Consulting | over the choice between peace and war, but there is UNIX and Linux | only one guaranteed way you can have peace - and you http://www.eiv.com | can have it in the next second - surrender. - Reagan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access, (continued)
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Scheidell (Sep 17)
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Scheidell (Sep 17)
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Wilson, Contractor (Sep 17)
- RE: RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Phillip R. Paradis (Sep 17)
- Re: RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Valdis . Kletnieks (Sep 21)
- RE: RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Phillip R. Paradis (Sep 17)
- Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Chris Norton (Sep 18)
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Wilson, Contractor (Sep 17)
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Scheidell (Sep 18)
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Scheidell (Sep 18)
- RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access Michael Scheidell (Sep 18)
- Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access RandallM (Sep 18)