Home page logo

bugtraq logo Bugtraq mailing list archives

RE: [Full-disclosure] Flaw in Microsoft Domain Account CachingAllows Local Workstation Admins to Temporarily Escalate Privileges andLogin as Cached Domain Admin Accounts (2010-M$-002)
From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 13 Dec 2010 10:15:35 -0800

If I take the domain admin out of my local administrators, they can't do
anything.  Done.

  Back when I did AD/domain support, all domain user accounts got a profile
that included a trivial script to re-add Domain Admins to the Local Admins
group.  So this kind of local removal shenanigans lasted only until the user
next logged into the domain.

David Gillett

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]