Date: Mon, 13 Dec 2010 18:49:24 +0000
From: "Thor (Hammer of God)" <thor@...merofgod.com>
To: David Gillett <gillettdavid@...a.edu>, 'George Carlson' <gcarlson@...s.edu>, "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>, "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins to Temporarily Escalate Privileges and Login as Cached Domain Admin Accounts (2010-M$-002)

You made all domain users local admin? Or did you do some sort of RUNAS in the logon script?

>-----Original Message-----
>From: David Gillett [mailto:gillettdavid@...a.edu]
>Sent: Monday, December 13, 2010 10:16 AM
>To: Thor (Hammer of God); 'George Carlson'; bugtraq@...urityfocus.com;
>full-disclosure@...ts.grok.org.uk
>Subject: RE: [Full-disclosure] Flaw in Microsoft Domain Account Caching Allows
>Local Workstation Admins to Temporarily Escalate Privileges and Login as
>Cached Domain Admin Accounts (2010-M$-002)
>
>> If I take the domain admin out of my local administrators, they can't
>> do anything. Done.
>
> Back when I did AD/domain support, all domain user accounts got a profile
>that included a trivial script to re-add Domain Admins to the Local Admins
>group. So this kind of local removal shenanigans lasted only until the user
>next logged into the domain.
>
>David Gillett

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/