Re: [Full-disclosure] Removing the NIC cable = EoP?

[Tim <tim-security@xxxxxxxxxxxxxxxxxxx>]

List members: please pardon the vocab lesson I'm about to give... it's
just a pet peeve of mine.  (However, if you're one of those that also
butchers this word, please take note.)

> The hack seems to be the defaulting. You authentify as a user, but you
> do not let the system to get the full user profile from its domain
> controller. The bug suggested there is that, if the OS can authentify,
> but cannot setup the profile after succesfully authentifying, it would
> incorrectly place you as a local admin. Presumably because that's the
> only local account.

Vincent, please note:

  http://www.google.com/search?q=define%3Aauthentify

returns no results.  Yet:

  http://www.google.com/search?q=define%3Aauthenticate

returns 12+.

"authentify" is not a word (in English at least).

thanks,
tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/