Date: 21 Apr 2005 11:50:33 -0000
From: Alex Garrett <alex@...loitthissite.org>
To: bugtraq@...urityfocus.com
Subject: APG Classmaster Workstation Windows SMB share access vulnerability




Greetings,

This vulnerability affects (I believe) all APG Classmaster Workstation
versions. It remains a problem as an attacker can access shares with full permissions over a LAN.

An attacker needs to issue a simple command in an MSDOS prompt (using the net Windows application), mapping an account to a specified drive, as below:

net use [drive]: \\[server]\[user]$

A DIR command at this stage gives an access denied error. Knowing the name of the files area (which will be the same for each user) can lead to changing directory to that folder...

cd 'My files'

An attacker now has full permissions on a selected user's 'my files' area.



Alex Garrett
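
An added example, not part of the original post and not vendor code: a PowerShell audit, run on the file server, that checks each user's 'My files' folder directly instead of relying on the access-denied result at the share root, and lists any principal other than the folder's own account and the built-in administrative identities that holds write-capable rights. The $HomeRoot path and the one-folder-per-account layout are assumptions; 'My files' is the folder name given in the post.

```powershell
# Added example. $HomeRoot and the per-account folder layout are assumptions;
# 'My files' is the folder name given in the post.
param(
    [string]$HomeRoot  = 'D:\Homes',   # hypothetical directory behind the [user]$ shares
    [string]$SubFolder = 'My files'
)

# Principals expected to hold rights on any user's files area.
$expected = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER')

# Bits that allow changing content or permissions.
$FSR = [System.Security.AccessControl.FileSystemRights]
$writeMask = [int]($FSR::Write -bor $FSR::Delete -bor $FSR::ChangePermissions -bor $FSR::TakeOwnership)
$writeMask = $writeMask -bor 0x40000000 -bor 0x10000000   # GENERIC_WRITE, GENERIC_ALL

$findings = foreach ($userDir in Get-ChildItem -LiteralPath $HomeRoot -Directory) {
    # Inspect the subfolder itself: a deny on listing the share root says
    # nothing about the ACL of a folder beneath it.
    $target = Join-Path $userDir.FullName $SubFolder
    if (-not (Test-Path -LiteralPath $target -PathType Container)) { continue }

    foreach ($rule in (Get-Acl -LiteralPath $target).Access) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if (([int]$rule.FileSystemRights -band $writeMask) -eq 0) { continue }

        $id      = $rule.IdentityReference.Value      # e.g. DOMAIN\account
        $account = ($id -split '\\')[-1]              # account name without the domain
        # Assumption: the home folder is named after the account that owns it.
        if ($expected -contains $id -or $account -eq $userDir.Name) { continue }

        [pscustomobject]@{
            Path      = $target
            Identity  = $id
            Rights    = $rule.FileSystemRights
            Inherited = $rule.IsInherited
        }
    }
}

# Every row is a principal that can modify another user's files area.
$findings | Format-Table -AutoSize -Wrap
```

Rows with Inherited set to True point at a permissive entry on a parent folder, so the correction belongs there rather than on each user's folder.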

