Vulnerability Development mailing list archives
Re: "How Named Pipe Security Works" (update)
From: Matt Conover <shok () CAMEL ETHEREAL NET>
Date: Thu, 3 Aug 2000 07:37:11 -0700
After talking to some friends again, I need to correct my final paragraph. On the server side, you can only imperson someone *with* a local account. The named pipe connection isn't established until the client passes its credentials to the LSA (Local System Authority). An administrator on machine A couldn't talk to a named pipe on machine B without having an account on machine B. Matt
Current thread:
- ImpersonateNamedPipeClient() vulnerabilities Mikael Olsson (Aug 02)
- Re: ImpersonateNamedPipeClient -- "How Named Pipe Security Works" Matt Conover (Aug 03)
- Re: ImpersonateNamedPipeClient -- "How Named Pipe Security Works" Mikael Olsson (Aug 03)
- Re: ImpersonateNamedPipeClient -- "How Named Pipe Security Works" Matt Conover (Aug 03)
- Re: "How Named Pipe Security Works" (update) Matt Conover (Aug 03)
- Re: ImpersonateNamedPipeClient -- "How Named Pipe Security Works" Marc (Aug 03)
- Re: ImpersonateNamedPipeClient Matt Conover (Aug 03)
- Re: ImpersonateNamedPipeClient -- "How Named Pipe Security Works" Mikael Olsson (Aug 03)
- Re: ImpersonateNamedPipeClient -- "How Named Pipe Security Works" Matt Conover (Aug 03)