Windows XP User Name/Full Name security hole

From: James Prairie Yada (j_horton_at_PRAIRIEGROUP.COM)
Date: 01/25/04

    Date:         Sat, 24 Jan 2004 19:02:28 -0600
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    In Windows XP Professional, Windows allows you to log in under either the
    'User Name' or the 'Full Name' fields when the user is added to the system.
    Often, these two fields are the same, but the 'Full Name' field can be
    either blank or duplicated, i.e. several users can have, say, "user" in
    the Full Name field. If left blank, this makes logon possible by password
    only, making dictionary attacks much easier, since if any or all users have
    a blank in the fullname field, the first hit on any password gets you in.

    I have not tested this with Active Directory in Server 2003, but the
    behaviour exists in standalone and peer networks in XP Professional.

    --Jim
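
An audit for the account conditions the post describes (blank or shared Full Name values), as an added example that is not part of the original post. It assumes Windows PowerShell 2.0 or later with Get-WmiObject available; the function name Find-FullNameRisk and the sample accounts are constructed for illustration.

```powershell
# Added example (not from the original post). Flags local accounts whose
# Full Name is blank, shared with another account, or equal to a different
# account's User Name. Comparison is case-insensitive, like Windows logon names.
function Find-FullNameRisk {
    param([Parameter(Mandatory = $true)][object[]]$Account)

    # Normalise: treat $null and whitespace-only Full Names as blank.
    $rows = foreach ($a in $Account) {
        $full = ''
        if ($null -ne $a.FullName) { $full = ([string]$a.FullName).Trim() }
        New-Object PSObject -Property @{ Name = [string]$a.Name; FullName = $full }
    }

    # Count how many accounts carry each Full Name, and index the User Names.
    $fullCount = @{}
    $userNames = @{}
    foreach ($r in $rows) {
        $key = $r.FullName.ToLowerInvariant()
        $fullCount[$key] = 1 + [int]$fullCount[$key]
        $userNames[$r.Name.ToLowerInvariant()] = $true
    }

    foreach ($r in $rows) {
        $key = $r.FullName.ToLowerInvariant()
        $issue = $null
        if ($key -eq '') { $issue = 'BlankFullName' }
        elseif ($fullCount[$key] -gt 1) { $issue = 'DuplicateFullName' }
        elseif ($key -ne $r.Name.ToLowerInvariant() -and $userNames.ContainsKey($key)) {
            $issue = 'FullNameMatchesOtherUserName'
        }
        if ($issue) {
            New-Object PSObject -Property @{ Name = $r.Name; FullName = $r.FullName; Issue = $issue }
        }
    }
}

# Constructed sample data, shaped like Win32_UserAccount objects.
$sample = @(
    New-Object PSObject -Property @{ Name = 'alice'; FullName = 'Alice Example' }
    New-Object PSObject -Property @{ Name = 'bob';   FullName = '' }
    New-Object PSObject -Property @{ Name = 'carol'; FullName = 'user' }
    New-Object PSObject -Property @{ Name = 'dave';  FullName = 'User' }
    New-Object PSObject -Property @{ Name = 'erin';  FullName = 'alice' }
)
Find-FullNameRisk -Account $sample | Format-Table Name, FullName, Issue -AutoSize

# On a live machine (local accounts only):
# Find-FullNameRisk -Account (Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True")
```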


