Vulnerability Development mailing list archives

Re: Windows2000 telnet exploit

From: Olle Segerdahl <olle () ENVY2 NXS SE>
Date: Fri, 24 Nov 2000 16:05:26 +0100

On Thu, Nov 23, 2000 at 11:32:06AM +0100, Sandro Gauci wrote:

problem in the Telnet Server but rather a problem in the overall
authentication
process of Windows 2000, because I have also noticed the issue on a 3rd
Party
(non-MS) software which uses Windows 2000 authentication. I do not think
this
is a buffer overflow, the error message suggests that Windows 2000 is
searching
for some file: I cannot see any reason behind this.


I don't think WIN ever searches for filenames in the authentication process,
the error message could be the result of a failed registry lookup though...

/olle

Current thread:

Windows2000 telnet exploit Philip Wagenaar (Nov 23)
- <Possible follow-ups>
- Re: Windows2000 telnet exploit Sandro Gauci (Nov 24)
  - Re: Windows2000 telnet exploit Olle Segerdahl (Nov 25)
- Re: Windows2000 telnet exploit Marty (Nov 27)
- Re: Windows2000 telnet exploit Robert G. Ferrell (Nov 28)
  - Re: Windows2000 telnet exploit David Rhodus (Nov 29)