Win2k Permissions Could Allow Trojan Horse

Status
Not open for further replies.

TS | Thomas

Windows 2000 Default Permissions Could Allow Trojan Horse Program

Issue:
On Windows 2000, the default permissions provide the Everyone group with Full access (Everyone:F) on the system root folder (typically, C:\). In most cases, the system root is not in the search path. However, under certain conditions - for instance, during logon or when applications are invoked directly from the Windows desktop via Start | Run - it can be.

This situation gives rise to a scenario that could enable an attacker to mount a Trojan horse attack against other users of the same system, by creating a program in the system root with the same name as some commonly used program, then waiting for another user to subsequently log onto the system & invoke the program. The Trojan horse program would execute with the user's own privileges, thereby enabling it to take any action that the user could take.

Affected Software:
Microsoft Windows 2000

Patch availability:
This vulnerability requires an administrative procedure rather than a patch. The needed changes are discussed in the FAQ.
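An audit sketch for the condition described in the post above, as an added example that is not part of the original post or of Microsoft's bulletin: it parses `cacls` output for the root folder, flags ACEs that let Everyone write there, and lists programs in the root whose names also exist in the system directory. The function names, the sample `cacls` line, and the choice of the system directory listing as the comparison set are assumptions made for this example.

```python
import re

# Rights letters printed by cacls: N none, R read, W write, C change, F full.
WRITE_RIGHTS = {"W", "C", "F"}
BROAD_GROUPS = {"everyone"}
EXEC_EXTS = (".exe", ".com", ".bat", ".cmd")

# Constructed sample of `cacls C:\` output showing the default described above.
SAMPLE_CACLS = "C:\\ Everyone:(OI)(CI)F\n"


def broad_write_aces(cacls_text, path):
    """Return (trustee, right) pairs that let a broad group write to path."""
    findings = []
    for i, line in enumerate(cacls_text.splitlines()):
        # The first line is prefixed with the path; later lines are indented.
        if i == 0 and line.lower().startswith(path.lower()):
            line = line[len(path):]
        m = re.match(r"\s*(.+?):((?:\([A-Z]+\))*)([NRWCF])\s*$", line)
        if not m:
            continue  # e.g. "(special access:)" detail lines
        trustee, flags, right = m.groups()
        # (IO) = inherit-only: the ACE does not apply to the folder itself.
        if "(IO)" in flags:
            continue
        name = trustee.split("\\")[-1].lower()
        if name in BROAD_GROUPS and right in WRITE_RIGHTS:
            findings.append((trustee, right))
    return findings


def shadowing_programs(root_files, system_files):
    """Programs in the root whose names also exist in the system directory."""
    system = {f.lower() for f in system_files}
    return sorted(f for f in root_files
                  if f.lower().endswith(EXEC_EXTS) and f.lower() in system)


if __name__ == "__main__":
    print(broad_write_aces(SAMPLE_CACLS, "C:\\"))
    # Constructed file listings for the root and the system directory.
    print(shadowing_programs(["boot.ini", "Notepad.EXE"], ["notepad.exe"]))
```

A non-empty result from either function on a multi-user machine is worth reviewing: the first means any user can create files in the root, the second means a file already there has the same name as a system program.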
 