Re: [Full-disclosure] Samba Remote Zero-Day Exploit

From: "Stefan Kanthak" <stefan.kanthak@xxxxxxxx>
Date: Sat, 6 Feb 2010 23:26:22 +0100

Dan Kaminsky wrote on February 06, 2010 6:43 PM:

You need admin rights to create junctions.

OUCH!
No, creating junctions (as well as the Vista introduced symlinks)
DOESN'T need admin rights!

[snip]

Stefan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Samba Remote Zero-Day Exploit
  - From: Dan Kaminsky

References:
- Re: [Full-disclosure] Samba Remote Zero-Day Exploit
  - From: paul . szabo
- Re: [Full-disclosure] Samba Remote Zero-Day Exploit
  - From: Dan Kaminsky
- Re: [Full-disclosure] Samba Remote Zero-Day Exploit
  - From: Stefan Kanthak
- Re: [Full-disclosure] Samba Remote Zero-Day Exploit
  - From: Dan Kaminsky

Prev by Date: [Full-disclosure] The true power of cache
Next by Date: [Full-disclosure] CORELAN-10-010 - GeFest Web HomeServer v1.0 Remote Directory Traversal Vulnerability
Previous by thread: Re: [Full-disclosure] Samba Remote Zero-Day Exploit
Next by thread: Re: [Full-disclosure] Samba Remote Zero-Day Exploit
Index(es):
- Date
- Thread

Relevant Pages

Re: Samba Remote Zero-Day Exploit
... creating junctions (as well as the Vista introduced symlinks) ... DOESN'T need admin rights! ...
(Bugtraq)
Re: Samba Remote Zero-Day Exploit
... creating junctions (as well as the Vista introduced symlinks) ... DOESN'T need admin rights! ...
(Bugtraq)
Re: [Full-disclosure] Samba Remote Zero-Day Exploit
... DOESN'T need admin rights! ... Especially remotely over SMB w/o remote interactive. ... Full-Disclosure - We believe in it. ...
(Full-Disclosure)
RE: [Full-Disclosure] Foundstone Labs to Release Absolutely FREE Tool
... As I'm sure most of you are already aware, security news groups are being ... [Full-Disclosure] Foundstone Labs to Release Absolutely FREE ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
(Full-Disclosure)
[Full-disclosure] RE: Want to test this desktop barrier? (Unauthorized offer) > 0day protection
... [Full-disclosure] Want to test this desktop barrier? ... My first reaction on reading the article was that finally Windows ...
(Full-Disclosure)