[11700] in bugtraq
Compaq CIM UG Overwrites Legal Notice
daemon@ATHENA.MIT.EDU (Free, Bob)
Sat Sep 4 13:46:01 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-Id: <2DBFCBE6D1DAD11191E300805F577D120103EDE5@exchange104.comp.pge.com>
Date: Wed, 1 Sep 1999 18:07:32 -0700
Reply-To: "Free, Bob" <RWF4@PGE.COM>
From: "Free, Bob" <RWF4@PGE.COM>
X-To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
To: BUGTRAQ@SECURITYFOCUS.COM
We discovered today that during Compaq Insight Manager upgrades to v4.23b
they overwrite the
HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\LegalNoticeCaption
and LegalNoticeText with a message to continue the installation after
reboot. When the installation is completed after rebooting, these keys are
cleared and your legal notice is gone.
If your security policies are reliant on legal notices this is not a good
thing. We will open an incident with Compaq in the morning but I felt this
might be something folks should be aware of immediately since I have not
seen it reported elswhere.
Bob Free
Sr Network Specialist
Pacific Gas & Electric Co. Auburn, CA
CTS/IO/DC/System Server Support
Internal 732.5196 External 530.889.5196
mailto:rwf4@pge.com
