[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ % Local Privilege Escalation Vulnerability in Microsoft Windows XP

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ % Local Privilege Escalation Vulnerability in Microsoft Windows XP
From: Christoph Gruber <grisu@xxxxxxx>
Date: Mon, 28 Aug 2006 16:41:02 +0200

On Friday 17 March 2006 03:07 Christoph Gruber wrote:

I want to straiten out, that this posting does NOT come from me!

A look at the header clarifies that:

Return-Path: <full-disclosure-bounces@xxxxxxxxxxxxxxxxx>
Received: from mx4.noc.eunet-ag.at (mx4.noc.eunet-ag.at 
[193.154.160.127])
         by imap02 (Cyrus v2.2.12-Red Hat 2.2.12-2tis) with LMTPA;
         Fri, 17 Mar 2006 04:06:42 +0100
X-Sieve: CMU Sieve 2.2
Received: from lists.grok.org.uk (lists.grok.org.uk [195.184.125.51])
        by mx4.noc.eunet-ag.at (8.13.0/8.13.0) with ESMTP id k2H36baA024009
        for <list@xxxxxxx>; Fri, 17 Mar 2006 04:06:38 +0100
Received: from lists.grok.org.uk (localhost [127.0.0.1])
        by lists.grok.org.uk (Postfix) with ESMTP id 14D5ABA7D;
        Fri, 17 Mar 2006 02:25:27 +0000 (GMT)
X-Original-To: full-disclosure@xxxxxxxxxxxxxxxxx
Delivered-To: full-disclosure@xxxxxxxxxxxxxxxxx
Received: from guru.at (85-31-186-26.blue.kundencontroller.de 
[85.31.186.26])
        by lists.grok.org.uk (Postfix) with SMTP id D9D93AECF
        for <full-disclosure@xxxxxxxxxxxxxxxxx>;
        Fri, 17 Mar 2006 02:07:50 +0000 (GMT)
From: Christoph Gruber <list@xxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxxx>

Best regards

> [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ % Local Privilege
> Escalation Vulnerability in Microsoft Windows XP
>
>
>
>
> ----------------------------
> o/ 卍 Background
> There had been no identified background commentary on this
> vulnerability indentified. ----------------------------
> 卍 \o Description
> Microsoft Windows XP incorrectly validates user input, making
> privilege escalation possible.
>
> ----------------------------
> o/ 卍 History
> 2/21/2006 o/ Vendor Notification.
> 3/16/2006 o/ Public Disclosure.
> ----------------------------
> 卍 \o Workaround
> There was no workarounds.
> ----------------------------
> o/ 卍 Vendor Response
> Microsoft Windows XP had extended no identified information.
>
>
> ----------------------------
> Contact
> Christoph Gruber lolville@xxxxxxx
> 1-888-565-9428
> BEWARE THE JIZZTAPO!!!
>
>             ..
>         _ .' `.
>        /\)
>       / /
>      / /   /\
>      \ \  /  \
>   _   \ \/ /\ \
>  (/\   \  /  \ \
>   \ \  /  \   (Y )
>    \ \/ /\ \   ""
>     \  /  \ \
>      \/   / /
>          / /
>         ( Y)
>          ""
>
>
> CISSP GSAE CCE SSP-CNSA SSP-MPA GIPS CAP SSCP
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

-- 
Christoph Gruber
"Das Geheimnis der Freiheit ist der Mut." Perikles (ca.500-429)

Attachment: pgpPjW2lsW0Fa.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- [Full-disclosure] Re: [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ %Local Privilege Escalation Vulnerability in Microsoft Windows XP
  - From: Dave \"No, not that one\" Korn

Prev by Date: [Full-disclosure] [vuln.sg] Cybozu Garoon 2 SQL Injection Vulnerabilities
Next by Date: [Full-disclosure] InfoSec Paper: Creating Business Through Virtual Trust
Previous by thread: Re: [Full-disclosure] [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ % Local Privilege Escalation Vulnerability in Microsoft Windows XP
Next by thread: [Full-disclosure] Re: [Advisory] % +Thu Mar 16 21:07:15 EST 2006+ %Local Privilege Escalation Vulnerability in Microsoft Windows XP
Index(es):
- Date
- Thread