[NT] Odd Behavior in Windows XP Home (Security Vulnerability, Shares)
From: support@securiteam.comDate: 01/25/02
- Previous message: support@securiteam.com: "[NT] Serious Privacy Leak in Python for Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Fri, 25 Jan 2002 14:42:33 +0100 (CET)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Odd Behavior in Windows XP Home (Security Vulnerability, Shares)
------------------------------------------------------------------------
SUMMARY
The Guest account in Windows XP Home Edition and Windows XP Professional
(when not joined on a domain) serves several special functions that relate
to security and network shares. Thus if you in the Control Panel, turn off
the Guest account (which removes the listing of the Guest account from the
Fast User Switching Welcome screen) the Guest account will not be
disabled. This would open the host to attack through the Guest account.
DETAILS
An unexpected behavior has been observed when configuring Windows XP Home
Edition. It appears that disabling the Guest account (from the User
Accounts tool) only removes the Log-On Local right. Guest users are still
able to connect to shared resources across the network.
Microsoft Knowledge Base article
<http://www.microsoft.com/technet/support/kb.asp?ID=300489> Q300489
describes this behavior and states that it is by design.
This could lead to a compromising of the host, since Guest users are able
to access shared directories, and store files there.
Workaround:
Change the password of the Guest account to a difficult to guess one.
ADDITIONAL INFORMATION
The information has been provided by <mailto:johnson.jc.1@PG.COM> Cullen
Johnson.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NT] Serious Privacy Leak in Python for Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
