| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000d01c2e50b$f6f53060$2b00a8c0@ibis.local> Date: Sat, 8 Mar 2003 02:45:06 +0200 From: "Andrew G. Tereschenko" <secure.bugtraq@....odessa.ua> To: <bugtraq@...urityfocus.com> Subject: Re: [EC-SA-01.2003] Windows XP "welcome screen" exposes the names of all the members of the local administrators group > Direct solution: > No direct solution at this time. > > > Workaround: > Avoid using the welcome screen and use only the normal logon screen. > http://www.kellys-korner-xp.com/xp_wel_screen.htm or http://www.google.com/search?q=%2BSpecialAccounts+%2BWindows+%2BXP Wellknown and supported way to remove/hide users from Welcome screen. Also I would like to note that there is a flaw in your report. Any user can retrive lists or users and shares in default configuration for NT4 and W2K using "null sessions". XP has some changes. This was already discussed in http://cert.uni-stuttgart.de/archive/focus-ms/2002/03/msg00088.html Just wanna everything will be clear, -- Andrew G. Tereschenko TAG Software Research Lab Odessa, Ukraine
Powered by blists - more mailing lists