Microsoft Windows Impersonation Privilege Escalation Weakness

Discussion in 'Computer Security' started by Imhotep, May 23, 2006.

  1. Imhotep

    Imhotep Guest

    "Microsoft Windows is susceptible to a weakness that may allow attackers to
    gain elevated privileges. This issue is due to the ability of services to
    impersonate clients after they have authenticated."

    http://www.securityfocus.com/bid/18008/discuss

    Im
    Imhotep, May 23, 2006
    #1
    1. Advertising

  2. Imhotep

    Alun Jones Guest

    Imhotep wrote:
    > "Microsoft Windows is susceptible to a weakness that may allow
    > attackers to gain elevated privileges. This issue is due to the
    > ability of services to impersonate clients after they have
    > authenticated."
    >
    > http://www.securityfocus.com/bid/18008/discuss


    I read this a while back. It basically says "if you give your username and
    password to a service that pretends to be you, that service can pretend to
    be you".

    The same "weakness" exists in every other operating system.

    You can do better than this, surely - an outdated article that describes as
    a weakness a basic, known, issue with handing your authentication
    credentials over to another party for delegation.

    Come on, where's the insightful Imhotep, the guy who's ahead of the game,
    who's predicting where Windows will take a tumble next, and unflinchingly
    provides advice designed to protect users, rather than merely scare them?

    I've yet to see that Imhotep, but I'd like to believe that if you try really
    hard, you can squeeze one such posting out.

    Alun.
    ~~~~
    [Please don't email posters, if a Usenet response is appropriate.]
    --
    Texas Imperial Software | Find us at http://www.wftpd.com or email
    23921 57th Ave SE | .
    Washington WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
    Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.
    Alun Jones, May 23, 2006
    #2
    1. Advertising

  3. Imhotep

    Imhotep Guest

    Alun Jones wrote:

    > Imhotep wrote:
    >> "Microsoft Windows is susceptible to a weakness that may allow
    >> attackers to gain elevated privileges. This issue is due to the
    >> ability of services to impersonate clients after they have
    >> authenticated."
    >>
    >> http://www.securityfocus.com/bid/18008/discuss

    >
    > I read this a while back. It basically says "if you give your username
    > and password to a service that pretends to be you, that service can
    > pretend to be you".
    >
    > The same "weakness" exists in every other operating system.
    >
    > You can do better than this, surely - an outdated article that describes
    > as a weakness a basic, known, issue with handing your authentication
    > credentials over to another party for delegation.
    >
    > Come on, where's the insightful Imhotep, the guy who's ahead of the game,
    > who's predicting where Windows will take a tumble next, and unflinchingly
    > provides advice designed to protect users, rather than merely scare them?
    >
    > I've yet to see that Imhotep, but I'd like to believe that if you try
    > really hard, you can squeeze one such posting out.
    >
    > Alun.
    > ~~~~
    > [Please don't email posters, if a Usenet response is appropriate.]



    Warning! Warning! Alun "spanky" Jones Idiot alert!!!

    Still waiting on you stepping up and being a man. You made a comment, got
    caught lying, and ran away like a weeping foolish troll you are...come on
    are you better than that?

    What about the users here? Don't you want to provide honest data? Are you
    better than that?

    <guess not, you're just another meatball>

    Imhotep
    Imhotep, May 24, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. imhotep
    Replies:
    0
    Views:
    502
    imhotep
    Jun 23, 2006
  2. Au79
    Replies:
    1
    Views:
    476
  3. Replies:
    6
    Views:
    404
  4. Raymond Karczewski
    Replies:
    7
    Views:
    604
    Barry OGrady
    Jun 28, 2006
  5. Raymond Karczewski
    Replies:
    12
    Views:
    836
    The Old Sourdough
    Jul 7, 2006
Loading...

Share This Page