Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: RFP9903: AeDebug vulnerability

Re: RFP9903: AeDebug vulnerability

From: Enno Rey <erey_at_IX.URZ.UNI-HEIDELBERG.DE>
Date: Fri, 8 Oct 1999 00:00:44 +0200

----- Original Message -----
From: David LeBlanc <dleblanc_at_MINDSPRING.COM>
To: <BUGTRAQ_at_SECURITYFOCUS.COM>
Sent: Tuesday, October 05, 1999 8:24 PM
Subject: Re: RFP9903: AeDebug vulnerability

>David LeBlanc wrote:

>One other thing to consider is that when user processes crash, they can
>sometimes create a user.dmp file, which like UNIX-style core files can
>sometimes contain information useful to an attacker. There is a way to
>turn this off, but I don't recall what it is at the moment.
>

Just run drwtsn32.exe from system32, then you can configure the behaviour of
drwtsn. There is a little hlp-file explaining the contents of the dump file,
too. (Though this file doesn't treat the subject very deeply, from a
technical point of view)
>Fromtime to time, I have to examine the contents of this file; I'm not sure
whether these contents could be useful for an attacker.

Regards,

Enno

erey_at_ix.urz.uni-heidelberg.de
Received on Oct 08 1999

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]