Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Microsoft NT "un-removable user" Vulnerability.
From: Jonathan Rickman <jonathan () XCORPS NET>
Date: Wed, 6 Sep 2000 08:40:48 -0400

I advised Microsoft Security about this on 28 Aug 2000. They responded
that since they had no custom user management tools, they could not test
this vulnerability.

I expect you'll get this response from a lot of people.

How about posting the code for the "custom user management interface" you
used to add this username, or at least the useradd script??? I've been
unable to duplicate this using any of the available "web based management
interfaces".  The Microsoft web admin utility doesn't accept these
characters.

--
Jonathan Rickman
X Corps Security
http://www.xcorps.net


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 6.5.2

mQENAzm0QZQAAAEIAN3uNRQlWHMrHwKgTNzpYps6SLipfNvH+0uZi0TvxyXFHiiH
kivQYxlcPn/4Za4eyl5XZvP6lGQ3DXcCzT+9di75HqFtTiHeE9YScR0WEeBB1ywL
j8nKxFdGMCJ3a3khSafPvyTUQKGaEWQGnui+6UieWeBhDHdE/o21qNd0+6M49P73
0pVTdmdn1jPj1cU+vrqkNWMfNNNhLyPjrdPzoL6SoYzCs6p5YhLWaNOiet/91RhK
VpC8uy2cUIWNOAyAOtDJwF4GY+AIVP2WTLg6L/FByDH507HP4NvkbnwPAkDSTh7M
TlXvdoeNiaEUCYCgx8CFSCAg/pl819+gts810D8ABRG0JkpvbmF0aGFuIFJpY2tt
YW4gPGpvbmF0aGFuQHhjb3Jwcy5uZXQ+iQEVAwUQObRBlNffoLbPNdA/AQETwwf/
d4W131UXeWd1+hcCR1bkFJRx+08fNtHzbMzjqquA4IRPftt72M6RzDsRn1xpsdh+
RqP0oeZ0IfnByhXQ7x65JxRUaYW2mw8GNQOeTkJ2uNDg3SaFG2HGYxASohP2r8D6
Yh1WIfEgf3YDwoKyGAfJTgcfHZe85+hgg6R60KbGMAhWf5Tbb6IEpzdvBi/HoYHC
c1km8esjnMPDmR1aLjcRffaMmWGwXk/33oZRo3Q0SO/MvqWyo1kZnq2JIxX0MDAm
nm2p0cZtQc1sECkC1XyyyH8tgWhXwzYpucpsQ3IhWFrCuL7y4t/wREOgd4KaSxkN
OKraa8g7Nyh4s8rSHFvq5A==
=XYFV
-----END PGP PUBLIC KEY BLOCK-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault