Re: DebPloit (exploit)
From: David Wentworth (David.Wentworth@UCOP.EDU)Date: 04/02/02
- Previous message: Joe Goldstein: "IE 5.x SSL Through Proxy Server Issue"
- Next in thread: Kurt Seifried: "Re: DebPloit (exploit)"
- Reply: Kurt Seifried: "Re: DebPloit (exploit)"
- Reply: Florian Weimer: "Re: DebPloit (exploit)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 1 Apr 2002 17:40:54 -0800 From: David Wentworth <David.Wentworth@UCOP.EDU> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Folks, I'm wondering why this exploit hasn't generated any discussion, even
after the eWeek article about it last Friday (
http://www.eweek.com/article/0,3658,s=1884&a=24761,00.asp ). Has anyone
applied the fix? Or are you waiting for Microsoft to fix it? Or are you not
worried about it?
Dave
At 12:30 PM 3/14/2002 +0100, you wrote:
> allows everyone to get handles to ANY process and thread
>(and further to become administrator. etc...) in Windows NT 4.0 and Windows
>2000 (maybe 3.51 too).
>http://www.anticracking.sk/EliCZ/bugs/DebPloit.zip contains
>details and fix. Microsoft was notified about it.
- Previous message: Joe Goldstein: "IE 5.x SSL Through Proxy Server Issue"
- Next in thread: Kurt Seifried: "Re: DebPloit (exploit)"
- Reply: Kurt Seifried: "Re: DebPloit (exploit)"
- Reply: Florian Weimer: "Re: DebPloit (exploit)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
