Full Disclosure mailing list archives
Re: Microsoft Windows Vista/2003/XP/2000 file management security issues
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 9 Mar 2007 23:48:05 +0300
Dear Michele Cicciotti, --Friday, March 9, 2007, 9:00:05 PM, you wrote to full-disclosure () lists grok org uk:
Scenario 1.1: Bob wishes to create "Bob private data" folder in "Public" folder to place few private files. "Public" has at least "Write" permissions for "User" group. Bob:
MC> This is, of course, wrong. You muddy the issue with the "Write MC> permissions for User group" red herring and we are all supposed to MC> oooh and aaah at your sleigh-of-hand trickery. Of course, a proper MC> public repository for private folders should have saner settings MC> than that, to begin with. First, Bob's private data was just an example. A problem itself belongs to any case where data with more restrictive permissions is created in a folder with less restrictive permissions. And despite Mr. Grimes says, this is quite common case under Windows and can be found in almost any real corporate directory structure. If you ever removed "Inherit from parent" checkbox in advanced security settings - you most probably were vulnerable to attack. Show me administrator who never did. Second, "Preopen file attack" and everything below will work with saner "Add and read permission for User group". Any usage of "Creator owner" group is a case where this can be exploited. -- ~/ZARAZA http://securityvulns.com/ Ибо факты есть факты, и изложены они лишь для того, чтобы их поняли и в них поверили. (Твен) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Microsoft Windows Vista/2003/XP/2000 file management security issues Michele Cicciotti (Mar 09)
- Re: Microsoft Windows Vista/2003/XP/2000 file management security issues 3APA3A (Mar 09)