[10969] in bugtraq
Re: NT Login Default Folder Vulnerability
daemon@ATHENA.MIT.EDU (Dimitry Andric)
Wed Jul 7 12:23:56 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id: <199907071202300220.005D3353@smtp.xs4all.nl>
Date: Wed, 7 Jul 1999 12:02:30 +0200
Reply-To: Dimitry Andric <dim@XS4ALL.NL>
From: Dimitry Andric <dim@XS4ALL.NL>
X-To: Ben Greenbaum <beng@WWW.SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSF.4.10.9907061146370.59534-100000@www.securityfocus.com>
Content-Transfer-Encoding: 8bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 06-07-99 at 11:56 Ben Greenbaum wrote:
>When a user logs into an NT machine, there are a few processes that
are
>started automatically, including explorer.exe. These programs are
normally
>in %winroot% or %winroot%\system32. The problem is that NT will look
for
>these programs first in the user's home directory.
This is ultimately caused by the fact that in MS-DOS, Windows and NT,
"." has always implicitly been the first entry in the PATH. And when
NT starts up an executable, the current directory is initially set to
the user's home directory...
Cheers,
/Dim
- --
Dimitry Andric <dim@xs4all.nl>
PGP key: http://www.xs4all.nl/~dim/dim.asc
KeyID: 4096/1024-0x2E2096A3
Fingerprint: 7AB4 62D2 CE35 FC6D 4239 4FCD B05E A30A 2E20 96A3
-----BEGIN PGP SIGNATURE-----
Version: Encrypted with PGP Plugin for Calypso
Comment: http://www.gn.apc.org/duncan/stoa_cover.htm
iQA/AwUBN4MXn7BeowouIJajEQKJtQCfTelelgKHbOwhMydvy/bJM5Q3ZNkAn2vE
f/Xrss1EciwP1LRol91++GDi
=DEs4
-----END PGP SIGNATURE-----
