Re: Again about Kerio 2.1.5 vs 4.0.x
From: sponge (yosponge_at_yahoo.com)
Date: 02/24/04
Date: 23 Feb 2004 23:04:55 -0800
On Mon, 23 Feb 2004 09:25:40 GMT, "Mesomorf" <reply.to@newsgroup.only>
wrote:
>
>> >> I don't see why, but I'll check as soon as I finish a job and can
>> >> swap in a Win2k-NTFS drive.
>> >
>> >I have now tested it on winXP and the same is happening there. The cmd.exe
>> >is running with SYSTEM privileges (it is easy to see in XP's Task manager.
>> >..so are you really sure about the info you are telling me?
>>
>> Yep. I'll post them from XP and from Win2k when I can get to that. Are
>> you running with any special user or file permissions? Any particular
>> OS modifications? I'm running with an almost-fresh install, barely
>> hardened since I'm doing driver development. When I ran that test I
>> described, I hadn't actually started this project, so it wasn't any
>> modifications made by the driver or SDK that could have influenced the
>> results. However, I will make sure that at least one of the OS tests
>> is from a fresh, unpatched install when I do, probably by this
>> weekend.
>
>Well, I have my machines all patched up, and Kerio has already mailed me and
>confirmed this bug. So I really don't know how you are making your tests on
>this bug.
>
>> >> I'll also need to put SnagIt on my XP box so I can get some
>> >> screenshots.
>> >
>> >You need SnagIt for a simple screenshot?.. well the ALT + PrintScreen
>> >buttons and Paint.exe is the only thing you actually need.
>>
>> You can also paste right into PaintShop Pro, but SnagIt's more
>> convenient. I have to take caps for my site anyway.
>
>PSP isn't integrated in Windows either you know ;)
>
>/www.Tuneld.com
BTW, I tested again earlier today and received the same results as
before - no execution of CMD.EXE, no escalation of privileges. I also
repeated the test of the AVG Antivirus installer, with no success. I
have posted the exact methodology, results and screenshots of my XP
test at:
http://www.geocities.com/yosponge/exploit_info/xptest.html
Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com