From: jaymz ringler (adminjaymz@sperrytv.com)
Date: Tue May 13 2003 - 15:16:16 EDT
oddly enough, I was just doing a little light reading over lunch just
now. and flipped through and on page 145 in Hacking Exposed 4th
edition.
this page covers this very topic. the Screen Saver - CD Autorun
vulnerability.
You can load any program onto a cd such as Back Orafice or NetBus. And
create a auto run file and point it to the NetBus server.exe
and it will run any program specified in the autorun file.
In the book they mention a utility to run with the autorun file
95sscrk from http://users.aol.com/jpeschel/crack.htm there's also
mention of another SSBypass from http://www.amecisco.com/ssbypass.htm
for $40.
I haven't tried doing this under 2k but I'm assuming it doesn't affect
2k. as they say in the book that the cure for this problem in NT and
98 is an upgrade to 2k. ....
---------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies
that are enforced to protect WLANs from known vulnerabilities and threats.
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
To get your FREE white paper visit us at:
http://www.securityfocus.com/AirDefense-pen-test
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:33 EDT