Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: Windows Access Control Demystified

> -----Original Message-----
> From: sudhakar+bugtraq@xxxxxxxxxxxxxxxx 
> [mailto:sudhakar+bugtraq@xxxxxxxxxxxxxxxx] 
> Sent: Wednesday, February 01, 2006 2:08 AM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Windows Access Control Demystified
> Hello everybody,
> We have constructed a logical model of Windows XP access 
> control, in a declarative but executable (Datalog) format.  
> We have built a scanner that reads access-control 
> configuration information from the Windows registry, file 
> system, and service control manager database, and feeds raw 
> configuration data to the model.  Therefore we can reason 
> about such things as the existence of privilege-escalation 
> attacks, and indeed we have found several 
> user-to-administrator vulnerabilities caused by 
> misconfigurations of the access-control lists of commercial 
> software from several major vendors.  We propose tools such 
> as ours as a vehicle for software developers and system 
> administrators to model and debug the complex interactions of 
> access control on installations under Windows.
> The full version of the paper can be found at:
> http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
> All the vendors and CERT are aware of this paper. The bugs are *not* 
> remotely exploitable. The CERT id is VU#953860.
> regards,
> Sudhakar Govindavajhala and Andrew Appel.
> Bio:
> Sudhakar Govindavajhala is a finishing PhD student at the 
> Computer Science department, Princeton University. His 
> interests are computer security, operating systems and 
> networks. Sudhakar is looking for employment opportunities.
> Andrew Appel is a Professor of Computer Science at Princeton 
> University.  He is currently on sabbatical at INRIA 
> Rocquencourt. His interests are computer security, compilers, 
> programming languages, type theory, and functional programming.
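The announcement describes feeding scanned access-control facts into a declarative but executable Datalog model and asking it whether a user can reach administrator rights. As an added example, not the paper's code or scanner, a minimal bottom-up Datalog evaluator over constructed facts shows how such a model derives which principals can come to act as which accounts; the predicates, the writable-service-binary audit rule and every fact are constructed for the illustration.

```python
# Added illustration, not the winval paper's code or scanner; the predicates,
# rules and every fact below are constructed. Variables start with "?".
RULES = [
    # Group membership lets a principal act with the group's rights.
    (("can_become", "?U", "?G"), [("member_of", "?U", "?G")]),
    # Audit rule: a principal who can write a service's binary can act as the
    # account the Service Control Manager starts that service under.
    (("can_become", "?U", "?P"),
     [("writable", "?U", "?O"), ("service_binary", "?S", "?O"), ("runs_as", "?S", "?P")]),
    (("can_become", "?U", "?P2"), [("can_become", "?U", "?P1"), ("can_become", "?P1", "?P2")]),  # transitive
]
# Constructed snapshot: the vendor service's binary is writable by the Users group.
FACTS = {
    ("member_of", "alice", "Users"),
    ("member_of", "guest", "Guests"),
    ("member_of", "svc_updater", "Administrators"),
    ("runs_as", "UpdaterSvc", "svc_updater"),
    ("service_binary", "UpdaterSvc", r"C:\Program Files\Vendor\updater.exe"),
    ("writable", "Users", r"C:\Program Files\Vendor\updater.exe"),
}

def match(atom, fact, env):
    """Unify one body atom with a ground fact under env; None on conflict."""
    if atom[0] != fact[0] or len(atom) != len(fact):
        return None
    env = dict(env)
    for term, value in zip(atom[1:], fact[1:]):
        bound = env.setdefault(term, value) if term.startswith("?") else term
        if bound != value:
            return None
    return env

def evaluate(facts, rules):
    """Naive bottom-up Datalog: reapply every rule until no new fact appears."""
    facts = set(facts)
    while True:
        derived = set()
        for head, body in rules:
            envs = [{}]
            for atom in body:  # join the body atoms left to right
                envs = [e2 for e in envs for f in facts if (e2 := match(atom, f, e)) is not None]
            derived |= {(head[0],) + tuple(e.get(t, t) for t in head[1:]) for e in envs}
        if derived <= facts:
            return facts
        facts |= derived

def reachable(principal, facts=FACTS, rules=RULES):
    """Accounts and groups the model derives `principal` can come to act as."""
    return {p for name, u, p in evaluate(facts, rules) if name == "can_become" and u == principal}
```

Running `reachable("alice")` on the constructed snapshot reports Administrators among the reachable accounts, which is exactly the kind of misconfiguration finding the model is meant to surface; `reachable("guest")` reports only Guests.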


Copyright © Lexa Software, 1996-2009.