| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Dec 2010 20:44:46 +0100
From: Luigi Rosa <lists@...girosa.com>
To: Kurt Dillard <kurtdillard@....com>
Cc: 'George Carlson' <gcarlson@...s.edu>, full-disclosure@...ts.grok.org.uk,
bugtraq@...urityfocus.com, 'Andrea Lee' <andrea@...trap.net>
Subject: Re: Flaw in Microsoft Domain Account Caching
Allows Local Workstation Admins to Temporarily Escalate Privileges and
Login as Cached Domain Admin Accounts (2010-M$-002)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kurt Dillard said the following on 13/12/10 20:09:
> So far I agree with Thor. Did I miss something? Has anyone demonstrated
> using the locally cached credentials to access resources across the network?
> So far I haven't seen anything new or interesting in this thread:
Since the procedure involves the disconnection from network, IMHO this "flaw"
only demonstrates that the physical access is equal to the root/Administrator
access.
Ciao,
luigi
- --
/
+--[Luigi Rosa]--
\
You talk like a Minbari, Commander.
Perhaps there was some small wisdom in letting your species survive.
--Neroon, "Legacies"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk0Gd6oACgkQ3kWu7Tfl6ZRGugCfcbXguUKxEoG7pNtr18gWp+gt
rtEAoJhq6+Xg89/dn5vbXL6yjlC/H+nG
=urN/
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists