[18050] in bugtraq
Re: CmdAsp.asp - What's your exposure?
daemon@ATHENA.MIT.EDU (Maceo)
Wed Dec 13 16:41:05 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.10012121513510.2052-100000@calvin.dogmile.com>
Date: Tue, 12 Dec 2000 15:16:18 -0700
Reply-To: Maceo <maceo@DOGMILE.COM>
From: Maceo <maceo@DOGMILE.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20001212125511.B11903@securityfocus.com>

What I failed to mention is that because of the broken way IIS
impersonates accounts, the cmd process will run as IWAM_COMPUTER
or SYSTEM. In IIS 4.0 it depends upon whether or not you have
chosen the "run in separate memory space" option. In
IIS 5.0 it's the difference between Application Protection "Low"
and Medium or High. This is significant because developers may
not be aware they are executing code as SYSTEM, just because they
spawned a shell.

-Maceo