mailing list archives
Re: Removing the NIC cable = EoP?
From: Tim <tim-security () sentinelchicken org>
Date: Tue, 3 Oct 2006 08:32:39 -0400
List members: please pardon the vocab lesson I'm about to give... it's
just a pet peeve of mine. (However, if you're one of those that also
butchers this word, please take note.)
The hack seems to be the defaulting. You authentify as a user, but you
do not let the system to get the full user profile from its domain
controller. The bug suggested there is that, if the OS can authentify,
but cannot setup the profile after succesfully authentifying, it would
incorrectly place you as a local admin. Presumably because that's the
only local account.
Vincent, please note:
returns no results. Yet:
"authentify" is not a word (in English at least).
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/