Full Disclosure mailing list archives

Re: Question for the Windows pros

From: Paul Schmehl <pauls () utdallas edu>
Date: Thu, 19 Jan 2006 10:28:52 -0600

--On Thursday, January 19, 2006 10:32:44 +0100 Nicolas RUFF<nicolas.ruff () gmail com> wrote:


The ImpersonateNamedPipeClient() risks have been fully documented by
Blake Watts back in 2002.
http://www.blakewatts.com/namedpipepaper.html

Does the Impersonate a client after authentication privilege grant theaccount access to ImpersonateNamedPipeClient?


Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Question for the Windows pros, (continued)
- - - Re: Question for the Windows pros Paul Schmehl (Jan 18)
    - Re: Question for the Windows pros Bernhard Mueller (Jan 18)
    - Re: Question for the Windows pros Paul Schmehl (Jan 19)
    - Re: Question for the Windows pros Dave Korn (Jan 19)
    - Re: Question for the Windows pros Dave Korn (Jan 19)
    - Re: Re: Question for the Windows pros Paul Schmehl (Jan 19)
    - Re: Re: Question for the Windows pros Nicolas RUFF (Jan 23)
    - Re: Question for the Windows pros Jerome Athias (Jan 19)
    - Re: Question for the Windows pros Paul Schmehl (Jan 19)
- Re: Question for the Windows pros Nicolas RUFF (Jan 19)
  - Re: Question for the Windows pros Paul Schmehl (Jan 19)