lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030928030250.3789.qmail@web20207.mail.yahoo.com>
From: visitbipin at yahoo.com (bipin gautam)
Subject: WINDOWS XP software restriction policy [path rule] bypass...

/this is my temporary email add. as my old server is
getting a huze dDOS! hopefully, soon within few days
i'll be using my old email address./

alternate email: bipin@...us.org.np [Bipin Gautam ] 
------------------------------------------------------------------------------------------


WINDOWS XP software restriction policy [path rule]
bypass...

Risk level: LOW - Medium

---DESCRIPTION---
With software restriction policies, you can protect
your computer environment from UN trusted code by
identifying and specifying which applications are
allowed to run. The applications can be identified in
policy through a specified path creating a rule. The
administrator can extensively control the rights of
the users/applications through path rule.
	 But under certain circumstances windows xp fails to
block a application from executing from the particular
directory even if the path rule of a directory is
../*.* [disallowed] But surprisingly, I was only able
to execute the file from a restricted directory that
was in FAT file system. [Doesn't seem to work in NTFS]
---[EXPLOIT]---
Excludable files could be run from the restricted
directory. [Path rule restriction]
http://www.geocities.com/visitbipin/ms.zip
Create a path rule say, ../*.* [disallowed] to your
desktop and reboot your computer. Well, now windows
will not allow to you to execute any common excludable
from your desktop. Copy the "CTR trouble!.COM" &
"safe.EXE" to your desktop and try executing it. Well,
surprisingly windows will allow you to execute the
files. [JUST AN EXAMPLE]
--[Background Information]--
The bug was originally discovered by hUNT3R, [myself]
a member of 01 Security Submission. The vendor was
notified via email.
http://www.ysgnet.com/hn



__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ