Date: Fri, 10 Dec 2010 15:14:04 -0600
From: Jason Lang <jllang320@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Flaw in Microsoft Domain Account Caching
 Allows Local Workstation Admins to Temporarily Escalate Privileges and
 Login as Cached Domain Admin Accounts (2010-M$-002)

So you are saying that the user can perform actions on the domain?
Things like create/delete user accounts. Your initial statement does
not say anything about taking action on any network resources. I find
it hard to believe that would be the case because the user would not have
a valid Kerberos ticket because they did not log into the domain.

Jason Lang

From: jcoyle () winwholesale com
Date: Fri, 10 Dec 2010 14:44:35 -0500

You are completely missing the point.
Local admins become Domain Admins.

From:       "Stefan Kanthak" <stefan.kanthak () nexgo de>
To:         <bugtraq () securityfocus com>,
            <full-disclosure () lists grok org uk>
Cc:         <stenoplasma () exploitdevelopment com>
Date:       12/10/2010 01:08 PM
Subject:    Re: Flaw in Microsoft Domain Account Caching Allows Local
            Workstation Admins to Temporarily Escalate Privileges and Login
            as Cached Domain Admin Accounts (2010-M$-002)
