Re: Samba Remote Zero-Day Exploit

From: Dan Kaminsky <dan@doxpara.com>
To: Stefan Kanthak <stefan.kanthak@nexgo.de>
Cc: <full-disclosure@lists.grok.org.uk> <full-disclosure@lists.grok.org.uk>,<bugtraq@securityfocus.com> <bugtraq@securityfocus.com>,<kcope2@googlemail.com> <kcope2@googlemail.com>,<paul.szabo@sydney.edu.au> <paul.szabo@sydney.edu.au>
Subject: Re: Samba Remote Zero-Day Exploit
Date:






On Feb 6, 2010, at 5:26 PM, "Stefan Kanthak" <stefan.kanthak@nexgo.de>  
wrote:

> Dan Kaminsky wrote on February 06, 2010 6:43 PM:
>
>> You need admin rights to create junctions.
>
> OUCH!
> No, creating junctions (as well as the Vista introduced symlinks)
> DOESN'T need admin rights!
>
> [snip]
>

Really?  Try. Especially remotely over SMB w/o remote interactive.


> Stefan
>





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.