[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Microsoft Windows Vista/2003/XP/2000 file management security issues
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Microsoft Windows Vista/2003/XP/2000 file management security issues
- From: KJKHyperion <hackbunny@xxxxxxxxxx>
- Date: Sun, 11 Mar 2007 00:50:07 +0100
3APA3A wrote:
> And now is most exciting: Users have permission to create files in this
> directory, that is pre-open attack is possible.
holy %&$@£%!# you're right:
D:\WINDOWS\security\templates>more "setup security.inf" | findstr /r /i
"\<temp\>"
"d:\windows\temp", 2,
"D:P(A;CI;0x100026;;;BU)(A;CIOI;GRGWGXSD;;;PU)(A;CIOI;GA;;;BA)(A;CIOI;GA;;;SY)
(A;CIOI;GA;;;CO)"
Where "(A;CI;0x100026;;;BU)" =
A = access allowed
CI = container and items (subfolders and files), this folder only
0x100026 = SYNCHRONIZE, traverse, create files, create subfolders
BU = BUILTIN\Users
/revokes
/plans to eventually make a custom security policy .inf
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/