Next Page >>
security policy
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@isatools.org]
> Sent: Sunday, July 20, 2008 4:33 PM
> To: 'me@abegetchell.com'; 'Thor (Hammer of God)'; 'Johan Beisser'
> Cc: bugtraq@securityfocus.com
> Subject: RE: Windows Vista Power Management & Local Security Policy
>
> It's about reality & priorities.
>
> What we're both saying is:
> 1. it's a bug and should be fixed in accordance with its impact on real
-----Original Message-----
From: Abe Getchell [mailto:me@abegetchell.com]
Sent: Sunday, July 20, 2008 12:32 PM
To: 'Thor (Hammer of God)'; Jim Harrison; 'Johan Beisser'
Cc: bugtraq@securityfocus.com
Subject: RE: Windows Vista Power Management & Local Security Policy
So, you guys don't think it's an issue that power management in Vista
(apparently) has a pass to bypass local security policy?
--
So, you guys don't think it's an issue that power management in Vista
(apparently) has a pass to bypass local security policy?
--
Abe Getchell
me@abegetchell.com
https://abegetchell.com/
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
> -----Original Message-----
> From: Abe Getchell [mailto:me@abegetchell.com]
> Sent: Saturday, July 19, 2008 12:33 AM
> To: 'Jim Harrison'; bugtraq@securityfocus.com
> Subject: RE: Windows Vista Power Management & Local Security Policy
>
> As stated in my original e-mail to the list, I definitely don't think
> that
> this is a security vulnerability in a traditional sense. I completely
> agree
>I think however that Check Point consideres >everyone with access to a
>Secure Platform system to be a trusted user. So >they will not regard these
issues with the priority you (Hugo Va¿½zqu) seem to bestow on it.
Right now -16 October 2007- Check Point as already accepted the flaws. Regarding to the privilege escalation to the "Expert" mode -standard root-, I should tell again that that is the minor problem. If you read the paper you will see that there are things more interesting to explore... Anyway, today, "googleing" a bit I found an interesting URL of the NIST:
"FIPS 140-2 Non-Proprietary Security Policy"
http://csrc.nist.gov/cryptval/140-1/140sp/140sp420.pdf
This doc is no more available online, but you can have the cached version...
If you read you will see: "This is a non-proprietary Cryptographic Module Security Policy for Checkpoint Software Technologies Ltd."
(...)
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@isatools.org]
> Sent: Saturday, July 19, 2008 1:36 AM
> To: 'me@abegetchell.com'; bugtraq@securityfocus.com
> Subject: RE: Windows Vista Power Management & Local Security Policy
>
> Abe,
>
> Other than a denial-of-service from the console (is the power switch
> now a security vuln, too?), what can you do with this bug? It's
Security Issues and Protocols,
Security Challenges and Content Authoring, Cryptography, Secure
Communications, Authentication
Techniques, Chaos-based Data Security, MANET Security, Wireless Sensor
Network Security,
Organization Considerations in Security Policy Formulation and
Implementations, Digital Forensics and
Crimes, Biometrics, Cyber Security
3. Ubi/Cloud Computing
Authentication and Access Control for Data Protection in Ubi/Cloud
Although many of the useful arguments have been disallowed, Security-Assessment.com
found that the /Datapath argument can be included and directed to a remote SMB
share directly through a specially crafted Skype URI.
The Datapath argument specifies the location of the Skype configuration files and
security policy. Specifying a Datapath argument will override any local security
policy defined in the Windows registry.
A remote user is capable of crafting a link that when clicked, will spawn
Skype.exe on a client using a Datapath location which is present on a remote
SMB share. The Skype client will load any configuration or security policy
-----Original Message-----
From: Abe Getchell [mailto:me@abegetchell.com]
Sent: Thursday, July 17, 2008 7:39 PM
To: bugtraq@securityfocus.com
Subject: Windows Vista Power Management & Local Security Policy
When the security option "Shutdown: Allow system to be shutdown without
having to log on" (in the local security policy) is set to "Disable", and
the power management setting "When I press the power button" is set to "Shut
Down", it is possible for an unauthenticated user to press the power button
> > >>
> > >>
> >
> > --
> > Eric C. Lukens
> > IT Security Policy and Risk Assessment Analyst
> > ITS-Network Services
> > Curris Business Building 15
> > University of Northern Iowa
> > Cedar Falls, IA 50614-0121
> > 319-273-7434
>>
>>
--
Eric C. Lukens
IT Security Policy and Risk Assessment Analyst
ITS-Network Services
Curris Business Building 15
University of Northern Iowa
Cedar Falls, IA 50614-0121
319-273-7434
>>>>>>>
>>>>>>>
>>>>>>>
>>>>> --
>>>>> Eric C. Lukens
>>>>> IT Security Policy and Risk Assessment Analyst
>>>>> ITS-Network Services
>>>>> Curris Business Building 15
>>>>> University of Northern Iowa
>>>>> Cedar Falls, IA 50614-0121
>>>>> 319-273-7434
>>>>>
>>>>>
>>>>>
>>> --
>>> Eric C. Lukens
>>> IT Security Policy and Risk Assessment Analyst
>>> ITS-Network Services
>>> Curris Business Building 15
>>> University of Northern Iowa
>>> Cedar Falls, IA 50614-0121
>>> 319-273-7434
> the Authenticode signature.
>
--
Eric C. Lukens
IT Security Policy and Risk Assessment Analyst
ITS-Network Services
Curris Business Building 15
University of Northern Iowa
Cedar Falls, IA 50614-0121
319-273-7434
> >>
> >>
>
> --
> Eric C. Lukens
> IT Security Policy and Risk Assessment Analyst
> ITS-Network Services
> Curris Business Building 15
> University of Northern Iowa
> Cedar Falls, IA 50614-0121
> 319-273-7434
Topics include but are not limited to:
* Intrusion Detection
* Denial-of-Service
* Privacy Protection
* Security Policy
* Peer-to-Peer and Grid Security
* Network Monitoring
* Web Security
* Vulnerability Management and Tracking
* Network Forensics
Eleytt offers Eleytt Business Continuity Program. What is it?
- Long-term continous security audits
- Security consulting and training
- Security policy compliance issues
For more information, please refer to eleytt.com, http://www.eleytt.com
Eleytt offers Eleytt Business Continuity Program. What is it?
- Long-term continous security audits
- Security consulting and training
- Security policy compliance issues
For more information, please refer to eleytt.com, http://www.eleytt.com
>>>>>>>
>>>>>>>
>>>>>>>
>>>>> --
>>>>> Eric C. Lukens
>>>>> IT Security Policy and Risk Assessment Analyst
>>>>> ITS-Network Services
>>>>> Curris Business Building 15
>>>>> University of Northern Iowa
>>>>> Cedar Falls, IA 50614-0121
>>>>> 319-273-7434
>>>>>>>
>>>>>>>
>>>>>>>
>>>>> --
>>>>> Eric C. Lukens
>>>>> IT Security Policy and Risk Assessment Analyst
>>>>> ITS-Network Services
>>>>> Curris Business Building 15
>>>>> University of Northern Iowa
>>>>> Cedar Falls, IA 50614-0121
>>>>> 319-273-7434
> > >>
> > >>
> >
> > --
> > Eric C. Lukens
> > IT Security Policy and Risk Assessment Analyst
> > ITS-Network Services
> > Curris Business Building 15
> > University of Northern Iowa
> > Cedar Falls, IA 50614-0121
> > 319-273-7434
for submission include but are not limited to:
* Intrusion Detection
* Malicious Software
* Web Security
* Security Policy
* Peer-to-Peer and Grid Security
* Wireless and Mobile Security
* Network Forensics
* Network Discovery and Mapping
* Incident Response and Management
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>> --
>>>>>> Eric C. Lukens
>>>>>> IT Security Policy and Risk Assessment Analyst
>>>>>> ITS-Network Services
>>>>>> Curris Business Building 15
>>>>>> University of Northern Iowa
>>>>>> Cedar Falls, IA 50614-0121
>>>>>> 319-273-7434
Topics include but are not limited to:
* Intrusion Detection
* Denial-of-Service
* Privacy Protection
* Security Policy
* Peer-to-Peer and Grid Security
* Network Monitoring
* Web Security
* Vulnerability Management and Tracking
* Network Forensics
> >>>>>
> >>>>>
> >>>>>
> >>> --
> >>> Eric C. Lukens
> >>> IT Security Policy and Risk Assessment Analyst
> >>> ITS-Network Services
> >>> Curris Business Building 15
> >>> University of Northern Iowa
> >>> Cedar Falls, IA 50614-0121
> >>> 319-273-7434
> >>
> >>
>
> --
> Eric C. Lukens
> IT Security Policy and Risk Assessment Analyst
> ITS-Network Services
> Curris Business Building 15
> University of Northern Iowa
> Cedar Falls, IA 50614-0121
> 319-273-7434
Eleytt offers Eleytt Business Continuity Program. What is it?
- Long-term continous security audits
- Security consulting and training
- Security policy compliance issues
For more information, please refer to eleytt.com, http://www.eleytt.com
-----Original Message-----
From: Abe Getchell [mailto:me@abegetchell.com]
Sent: Friday, 18 July 2008 12:39 PM
To: bugtraq@securityfocus.com
Subject: Windows Vista Power Management & Local Security Policy
> When the security option "Shutdown: Allow system to be shutdown without
having to log on" (in the local security policy) is set to "Disable", and
> the power management setting "When I press the power button" is set to
"Shut Down", it is possible for an unauthenticated user to press the power
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>> --
>>>>>> Eric C. Lukens
>>>>>> IT Security Policy and Risk Assessment Analyst
>>>>>> ITS-Network Services
>>>>>> Curris Business Building 15
>>>>>> University of Northern Iowa
>>>>>> Cedar Falls, IA 50614-0121
>>>>>> 319-273-7434
Correct. Power management in Windows Vista is apparently given a pass to
bypass local security policy, which is a bad thing, and sets a bad
precedence. I will leave it to others to exploit this security issue, given
that I know little about the programmatic aspect of power management in
Windows. There are people out there much more capable than me who, if they
feel it warranted, can research the issue further. I don't consider it, as
Jim Harrison would say, "wasting your time chasing things that 'might lead
to cats & dogs living together in sin'", but rather "security research" and
"sharing information". I don't consider Jim's reaction surprising at all,
though, as he works for Microsoft.
Next Page>>
|
