Vulnerability Development mailing list archives
Windows 2000 [telnet] ?problem?
From: Erik Tayler <erik () DIGITALDEFENSE NET>
Date: Thu, 18 Jan 2001 11:00:42 -0600
I was able to confirm the "problem" that has been floating around the vuln-dev list. It worked with the value of NTLM being 0, and also worked as 1. Other posters confirm that they may login as "Administrator" via such methods, I was unable to confirm such a result. It is my understanding that in order for this little flaw to work, you may not have the Guest account disabled. Microsoft (R) Windows (TM) Version 5.00 (Build 2195) Welcome to Microsoft Telnet Service Telnet Server Build 5.00.99201.1 login: guest Login through Guest account not allowed login: \\guest [truncated output][login was successful] Erik Tayler Security Analyst Digital Defense Incorporated http://www.digitaldefense.net
Current thread:
- Windows 2000 [telnet] ?problem? Erik Tayler (Jan 18)