[3501] in WWW Security List Archive
NT WRKSTN, W95 BUG!!!!
daemon@ATHENA.MIT.EDU (imennov@juno.com)
Fri Nov 8 20:43:21 1996
From: imennov@juno.com
To: www-security@ns2.rutgers.edu
Cc: LANMAN-L@LIST.NIH.GOV, ntlist@majordomo.ucs.indiana.edu
Date: Fri, 08 Nov 1996 18:04:05 EST
Errors-To: owner-www-security@ns2.rutgers.edu
I found a bug in nt4.0(wrkstn), win 95, and i'm still not sure
about nt 4.0 serv(can somebody try this...)
You know, in policy editor, you can restrict user from seeing find
command in start menu, but if you hit F3, you'll get this find window.
Another problem is-- you can see hidden files, drives, etc, and if you
right-click a file, you have the same options as in explorer; you can
copy USER.DAT to your profile dir, and have the rights from whoever you
copied USER.DAT file.
I thired to contact MICROSOFT, they said, they will run some
tests, and call me back if they'll find something, but they never did. I
think, that everyone should be aware of this BUG/SHORTCUT.
I;m still unsure, if i'm the first one detecting it, i just want
you to be aware of this...
If anyone knows, where I can oficcialy report bug, please contact me, and
if anyone from microsoft reads this, contact me about this.
Sincerely,
Nikita Imennov.
