Win2k Permissions Could Allow Trojan Horse

By TS | Thomas
Oct 31, 2002
  1. Windows 2000 Default Permissions Could Allow Trojan Horse Program

    On Windows 2000, the default permissions provide the Everyone group with Full access (Everyone:F) on the system root folder (typically, C:\). In most cases, the system root is not in the search path. However, under certain conditions - for instance, during logon or when applications are invoked directly from the Windows desktop via Start | Run - it can be.

    This situation gives rise to a scenario that could enable an attacker to mount a Trojan horse attack against other users of the same system, by creating a program in the system root with the same name as some commonly used program, then waiting for another user to subsequently log onto the system and invoke the program. The Trojan horse program would execute with the user's own privileges, thereby enabling it to take any action that the user could take.

    Affected Software:
    Microsoft Windows 2000

    Patch availability:
    This vulnerability requires an administrative procedure rather than a patch. The needed changes are discussed in the FAQ.
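
A check for the permission condition described above, as an added example that is not part of the original post or the bulletin: it parses the text output of `cacls C:\` and reports broad groups that can create files directly in the system root. The function name `risky_aces`, the list of broad principals and both sample outputs are constructed for illustration.

```python
import re

# Principals that cover every local user (this list is the example's own
# assumption, not taken from the bulletin).
BROAD = {"everyone", "builtin\\users", "nt authority\\authenticated users"}

# cacls simple rights that allow creating a file: W(rite), C(hange), F(ull).
WRITABLE = {"W", "C", "F"}

# One ACE in cacls' simple form, e.g. "Everyone:(OI)(CI)F" or "Everyone:R".
ACE = re.compile(r"^(?P<who>[^:]+):(?P<flags>(?:\([A-Z]+\))*)(?P<right>[NRWCF])$")


def risky_aces(cacls_output, path):
    """Return (principal, right) pairs for broad principals that can
    create files directly in `path`, given the text printed by cacls."""
    findings = []
    for i, line in enumerate(cacls_output.splitlines()):
        if i == 0 and line.startswith(path):
            line = line[len(path):]   # the first ACE shares a line with the path
        m = ACE.match(line.strip())
        if not m:
            continue                  # blank lines and special-access listings
        flags = re.findall(r"\(([A-Z]+)\)", m["flags"])
        if "IO" in flags:
            continue                  # inherit-only: not applied to the folder itself
        if m["who"].lower() in BROAD and m["right"] in WRITABLE:
            findings.append((m["who"], m["right"]))
    return findings


# Constructed sample: the default ACL the post describes (Everyone:F).
SAMPLE_DEFAULT = r"C:\ Everyone:(OI)(CI)F"

# Constructed sample: a root where Everyone has read access only.
SAMPLE_READONLY = "\n".join([
    r"C:\ BUILTIN\Administrators:(OI)(CI)F",
    r"    NT AUTHORITY\SYSTEM:(OI)(CI)F",
    r"    Everyone:R",
])

if __name__ == "__main__":
    for name, text in (("default", SAMPLE_DEFAULT), ("read-only", SAMPLE_READONLY)):
        print(name, risky_aces(text, "C:\\"))
```
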