RE: MS02-29 breaks PPTP connections for non-Admin users?

From: emann@questinc.org
Date: 06/18/02

• Previous message: Marc Fossi: "SecurityFocus Microsoft Newsletter #91"
• Maybe in reply to: emann@questinc.org: "MS02-29 breaks PPTP connections for non-Admin users?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: emann@questinc.org
To: focus-ms@securityfocus.com
Date: Tue, 18 Jun 2002 17:01:31 -0400

I contacted Microsoft PSS about this and they were able to replicated the
below scenario on Windows 2000 Pro SP2. The problem does not occur on
Windows XP, and they did not verify if it effected 2000 Server, but I'm
going to guess it does.

MS has escalated this issue to the development team and is awaiting a
response. Most likely an update of the patch will occur.

-----Original Message-----
From: Evan Mann
Sent: Monday, June 17, 2002 4:18 PM
To: 'focus-ms@securityfocus.com'
Subject: MS02-29 breaks PPTP connections for non-Admin users?

MS02-29 (Q318138) can be installed via Windows Update v4.0 on 2000 systems.
I appear to have tracked down a problem with PPTP RAS connections on Windows
2000 to this patch. After applying the patch and rebooting, any user
without Administrator level access cannot initiate PPTP RAS connections.
Dialup connectors still continue to work, but PPTP connects do not.

The status on the devices shows up as "Device Missing"

If an Administrators logs in, the connection works.

If a non-administrator user is given Administrator group access, the
connection works.

And the kicker, if a non-administrator user uses "logon using dialup
networking" to login to the computer, and utilizes the PPTP connection, the
connection works, and will work for the duration of that login, even through
multiple disconnect/reconnects.

Has anyone else noticed this behavior?

---

• Previous message: Marc Fossi: "SecurityFocus Microsoft Newsletter #91"
• Maybe in reply to: emann@questinc.org: "MS02-29 breaks PPTP connections for non-Admin users?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: PPPoE ... The Windows driver README ... Installing the PPP over Ethernet Protocol ... Connection Sharing, ... (freebsd-net) RE: Windows 2000 RRAS and ipSEC /L2TP VPN ... How to Configure a L2TP/IPSec Connection Using Pre-shared Key Authentication ... This article contains information about modifying the registry. ... , Windows 2000 is compliant with IKE RFC ... (microsoft.public.win2000.networking) Re: Cannot connect to the Internet ... My Windows 2000 pro PC is connected to the internet (Local Area ... Connection 2 Status icon shows "Connected" with a speed of 10.0 ... The master browser has received a server announcement from ... The DNS Client service could not contact any DNS servers ... (microsoft.public.mac.virtualpc) Re: Windows Update ... Open the explorer (Windows Explorer or My Computer), ... menu and select the Folder options. ... Click Services tab and select Hide All Microsoft Services and Disable ... size of a PPPoE connection to a value of between 1,400 and 1,480 ... (microsoft.public.windows.server.sbs) Re: Serious Security Issue in Windows XP SP2s Firewall ... Subject: AW: Serious Security Issue in Windows XP SP2's Firewall ... If you update a WinXP SP-1 with enabled Internet ... Connection Firewall ... (Focus-Microsoft)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-ms  > 2002-06