Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access

From: Chris Norton (kicktd_list_at_hotmail.com)
Date: 09/17/04

Next message: KF_lists: "Re: [Full-Disclosure] Severe exploit found, all UNIX are affected!"

Previous message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] Severe exploit found, all UNIX are affected!"
In reply to: Michael Scheidell: "[Full-Disclosure] Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"
Next in thread: Michael Wilson, Contractor: "[Full-Disclosure] RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"
Reply: Michael Wilson, Contractor: "[Full-Disclosure] RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"
Reply: pingywon MCSE: "RE: [Full-Disclosure] Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"
Reply: Michael Wilson, Contractor: "RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"
Reply: Michael Wilson, Contractor: "[Full-Disclosure] RE: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Michael Scheidell" <scheidell@secnap.net>, <bugtraq@securityfocus.com>, <vulnwatch@vulnwatch.org>, <full-disclosure@lists.netsys.com>
Date: Fri, 17 Sep 2004 10:59:29 -0500

This "hidden" Administrator account is part of Windows XP and NOT IBM's
porblem.
Every Windows XP system ships and installs with the Administrator and blank
password.
This "hidden" account has been known about for some time, just like Windows
2000
Administrator account is the same way. There are ways to disable or change
the
Administrator name and password or to disable the account completely.

--
Chris Norton
UAT Student Software Engineering Network Defense

Next message: KF_lists: "Re: [Full-Disclosure] Severe exploit found, all UNIX are affected!"

Relevant Pages

RE: How to wreck a computer via a vpn connection and administrator account ?
... my understanding of this issue is: How to wreck a computer ... with Windows XP by logging into it remotely via VPN connection, ... Administrator Account had been stolen. ... To protect Administrator Account better: ...
(microsoft.public.windowsxp.work_remotely)
RE: Recovery console password problem
... The passwords of the server I ... It is kinda the problem WinXP has with recovery console and password. ... a Windows update, btw). ...
(microsoft.public.windows.server.general)
Re: Windows XP password
... to start windows under his user name. ... Administrator account and going to Control Panel -> User Accounts to change the ... restart the computer and boot into Safe Mode. ... Ultimate Boot CD for Windows® ...
(microsoft.public.windowsxp.help_and_support)
Re: Windows XP Home Edition all versions netbios sessions bug
... All my computers are default installation Windows XP SP3 Professional ... I know the administrator account comes with a blank password at all xp ... I know that windows xp home edition supports only simple file shating and ...
(microsoft.public.windowsxp.network_web)
Re: Forgot Windows Password
... I have a friend who has forgotten his Windows sign on ... I have never used a Windows sign on Password, ... Administrator account and going to Control Panel -> User ... keyboard to select Safe Mode. ...
(microsoft.public.windowsxp.basics)