[13956] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: AUTORUN.INF Vulnerability

daemon@ATHENA.MIT.EDU (Valentin Pletzer)
Mon Feb 21 19:42:17 2000

Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id:  <4.1.20000220172150.00af51b0@pop.gmx.net>
Date:         Sun, 20 Feb 2000 17:27:57 +0100
Reply-To: Valentin Pletzer <vpletzer@GMX.NET>
From: Valentin Pletzer <vpletzer@GMX.NET>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <000701bf79cd$fdb5a620$4c4342a6@mightye.org>

Hi maybe some addition to that:
At 00:07 18.02.00 -0500, you wrote:

>administrative privileges, then it invokes Explorer on that directory to
>open the directory like normal.

This is not true if the directory is opened with the Workplace and not the
Explorer

>very real exploit; no directory guessing, i.e. did they name the WIN
>directory Windows or Winnt?
how about %windir% ???

quoted as short as possible ??? ;-)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13956] in bugtraq

Re: AUTORUN.INF Vulnerability

daemon@ATHENA.MIT.EDU (Valentin Pletzer)Mon Feb 21 19:42:17 2000

daemon@ATHENA.MIT.EDU (Valentin Pletzer)
Mon Feb 21 19:42:17 2000