Re: [Full-disclosure] Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins to Temporarily Escalate Privileges and Login as Cached Domain Admin Accounts (2010-M$-002)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kurt Dillard said the following on 13/12/10 20:09:
So far I agree with Thor. Did I miss something? Has anyone demonstrated
using the locally cached credentials to access resources across the network?
So far I haven't seen anything new or interesting in this thread:

Since the procedure involves the disconnection from network, IMHO this "flaw"
only demonstrates that the physical access is equal to the root/Administrator
access.


Ciao,
luigi

- --
/
+--[Luigi Rosa]--
\

You talk like a Minbari, Commander.
Perhaps there was some small wisdom in letting your species survive.
--Neroon, "Legacies"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk0Gd6oACgkQ3kWu7Tfl6ZRGugCfcbXguUKxEoG7pNtr18gWp+gt
rtEAoJhq6+Xg89/dn5vbXL6yjlC/H+nG
=urN/
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/