Re: Another Mac OS X ScreenSaver Security Issue (after Security Update 2003-07-14)

From: Fred Noltie (noltie_at_airmail.net)
Date: 07/31/03

• Previous message: CHRIS GRABENSTEIN: "RE: Another Mac OS X ScreenSaver Security Issue (after Security Update 2003-07-14)"
• In reply to: Brian Eckman: "Re: Another Mac OS X ScreenSaver Security Issue (after Security Update 2003-07-14)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

To: <bugtraq@securityfocus.com>
Date: Thu, 31 Jul 2003 15:53:14 -0500

From: "Brian Eckman" <eckman@umn.edu>

> > If someone were to find a way to bind to those hotkeys, would you
> > then consider this a security issue with Windows? If so, how is
> > Apple's failure to block kill calls to the screen saver not a
> > security issue?
> >
> > Gavin
>
>
> Windows does allow others to bind to those hotkeys. The Novell client
is
> a good example. The Novell NDS password can be used to unlock the
screen
> saver, without requiring the Windows password to be entered. Obviously
> other programs could bypass the Windows authentication as well.
>

It's been a few years and things may have changed, but in the past
Novell accomplished this by replacing the standard msgina.dll with one
of their own making. Microsoft provides information on how to do this
sort of thing:

http://support.microsoft.com/default.aspx?scid=kb;en-us;810756

FWIW, there is even a GNU replacement (well, for NT, anyway):

http://wwwthep.physik.uni-mainz.de/~frink/newgina_pre09/readme.html

It seems to me, though, that if the admin replaces Microsoft's GINA, he
can't complain about how (or whether) the replacement traps
Ctrl+Alt+Del. I don't think (though I may be mistaken) that there's a
way to trap those hotkeys when Microsoft's msgina.dll is in place and
working properly.

Regards,

Fred Noltie

---

• Previous message: CHRIS GRABENSTEIN: "RE: Another Mac OS X ScreenSaver Security Issue (after Security Update 2003-07-14)"
• In reply to: Brian Eckman: "Re: Another Mac OS X ScreenSaver Security Issue (after Security Update 2003-07-14)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages [NT] Cumulative Security Update for Internet Explorer (MS04-025) ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ... (Securiteam) [NT] Vulnerability in HTML Help Allows Code Execution (MS05-001) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ... (Securiteam) Re: The Myth of the secure Mac ... OEM Windows XP Home goes for a bit under $100. ... >> secure than Home. ... Though this really has nothing to do with security. ... Microsoft counts on third-party developers to provide more ... (comp.sys.mac.advocacy) SecurityFocus Microsoft Newsletter #120 ... Strengthening Network Security: FREE Guide Network security is a ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows File Protection Signed File Replacement... ... PlatinumFTPServer Information Disclosure Vulnerability ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter # 149 ... MICROSOFT VULNERABILITY SUMMARY ... EveryBuddy Long Message Denial Of Service Vulnerability ... Intellitactics Network Security Manager ... Windows operating systems. ... (Focus-Microsoft)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)