command prompt in w2k

From: GaryR64@AOL.COM
Date: 01/25/02


Date:         Fri, 25 Jan 2002 13:49:15 EST
From: GaryR64@AOL.COM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

we were testing a "locked down" w2k laptop with the policy set not to allow
command prompts and we discovered that cmd.exe from nt40 runs just fine. we
had to rename it to an "allowed" executable but it did work.
it did catch cmd.exe from w2k and xp and prevented them from running no
matter what they were named. i don't know if this is a bug or a loopole.

garyr64@aol.com

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by Qualys - Make Your Network Secure
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Go Beyond PARTIAL Security: FREE White Paper

Stop hassling with half-baked ENTERPRISE SECURITY.
FREE White Paper shows you how to ensure TOTAL security for your Internet
perimeter with the most current and most complete PROACTIVE Vulnerability
Assessment solution. Get your FREE White Paper now. Click here!
https://www.qualys.com/forms/techwhite_86.html
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo