Advisory RFP9903 |
||||
|
---
Advisory RFP9903 --------------------------------- rfp.labs ------------ Attacker can execute remote programms
under debugger context (AeDebug
vulnerability) ----------------------------------- rain forest puppy / rfp@wiretrip.net
--- Table of contents: ---------------------------------------------------------------------------- October is Octoberfest Advisory month: one rfp.labs release planned each week ----------------------------------------------------------------------------- ----[ 1. Scope of problem Let me start off with the mechanism has
been discussed before. In \HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion ...as well as a key that indicates whether or not to prompt the user to run \HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug\auto Now, the problem is very simple. First,
also by default, the winreg This means these keys are remotely
accessible and allow anyone to
----[ 2. Solution There has been previous discussion on
this type of vulnerability--all \HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ from the winreg AllowedPaths key, found at: \HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers This will prevent remote modification of these keys. Next, remove the Set That's it. Very simple.
----[ 3. Miscellaneous Updates - Like I mentioned before, October is
Octoberfest Advisory month. - My website is narrowing completion!
Many people have been - Many people have emailed me wondering
about the release of version - You may have noticed no humor,
sarcasm, or snide remarks in this - Why the formal advisory numbering
system and format? Well, it's - Phrack 55 is out--good stuff.
www.phrack.com Packetstorm is back. - Practical application of one of the
perl problems I talked about in
--- rain forest puppy / rfp@wiretrip.net
---------------- ADM / wiretrip --- Support your local security professional. Buy him/her sparcs and ciscos. --- Advisory RFP9903 --------------------------------- rfp.labs ------------
|
Page d'accueil Nous écrire By mail Nous envoyer des commentaires By la page de le Feed-Back |
Nouveautés
et... |
Le Sommaire de Kitetoa (orientation...) Sommaire général du site |
Les
rubriques! Les
livres publiés par Kitetoa |
Les
rubriques! (suite) Les Let-R-s Des Images On s'en fout! KitEcout' KessTaVu? -KiteToile Voyages |
Les dossiers : Precision [ZataZ] Le monde fou des Admins Defcon Le hack le plus bizarre Guerre de l'info Convention contre la cyber-criminalité Hack |
Questionnaire visant à améliorer le contenu de ce site si c'est possible et pas trop compliqué |
Rechercher sur le site ...et sur le Net Des liens et D'autres choses du Ouèb |