Network Security: Detailed info on Re: First vulnerabilities in the SP2

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Bugtraq

[Top] [All Lists]

Re: First vulnerabilities in the SP2 - XP ?...

from [Oliver Schneider] Network Security

[Permanent Link]

Subject:	Re: First vulnerabilities in the SP2 - XP ?...
Date:	Tue, 17 Aug 2004 18:29:52 +0200 (MEST)

Hi,

http://www.heise.de/security/artikel/50051

I also read this yesterday (the German version) and I think it's not a
vulnerability. It's IMO a misconception in the way how SP2 treats alien
executables. And on the other hand it does not actually lower the value of
SP2 concerning security - because the rest of SP2 already boosted security
(this time despite compatibility issues - thanks to MS for finally skipping
compatibility in favor of security). But I agree with the author that MS
should fix this anyway!

Can someone please check if ShellExecute()/ShellExecuteEx() behave different
from the CreateProcess-functions *)? Could that be the reason?
Where is the information stored, that a file was downloaded - ADS? - EAs?
... some arcane new feature?

Oliver

*) CreateProcess, CreateProcessAsUser, CreateProcessWithLogonW,
CreateProcessWithTokenW

-- 
---------------------------------------------------
May the source be with you, stranger ... ;)

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
First vulnerabilities in the SP2 - XP ?..., Jérôme Re: First vulnerabilities in the SP2 - XP ?..., Oliver Schneider <= RE: First vulnerabilities in the SP2 - XP ?..., Larry Seltzer Re: First vulnerabilities in the SP2 - XP ?..., Colin Alston Re: First vulnerabilities in the SP2 - XP ?..., Radoslav DejanoviÄ Re: First vulnerabilities in the SP2 - XP ?..., Robert Decker RE: First vulnerabilities in the SP2 - XP ?..., Thor Larholm Re: First vulnerabilities in the SP2 - XP ?..., Matthew Roberts RE: First vulnerabilities in the SP2 - XP ?..., Larry Seltzer

Previous by Date:	Cross-Site Scripting (XSS) in Php-Nuke 7.1.0, Abu Lafy
Next by Date:	Re: First vulnerabilities in the SP2 - XP ?..., Colin Alston
Previous by Thread:	First vulnerabilities in the SP2 - XP ?..., Jérôme
Next by Thread:	RE: First vulnerabilities in the SP2 - XP ?..., Larry Seltzer
Indexes:	[Date] [Thread] [Top] [All Lists]