BugTraq
Windows 7/8 admin account installation password stored in the clear in LSA Secrets Jul 11 2013 10:26PM
Dnegel X. (dnegel666 gmail com) (1 replies)
Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Jul 11 2013 11:35PM
Rob (synja synfulvisions com) (1 replies)
Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Jul 12 2013 12:18AM
Dnegel X. (dnegel666 gmail com) (1 replies)
1. I didn't find an explanation about this behavior that deals with
the installation password, although this LSA Secret is well known to
contain passwords, mainly from Windows XP era. Could you provide a
link?
It also hasn't been fixed in Windows 8 released this year.
2. You could e.g. retrieve a password from one vulnerable machine
(where physical access or admin shell is possible) and use it against
more secure ones sharing the same admin password, typically when a Windows
image is replicated over a network to multiple machines.

Anyhow, having a cleartext password residue somewhere without
documentation looks like a sad bug to me.

Xavier

On Thu, Jul 11, 2013 at 7:35 PM, Rob <synja (at) synfulvisions (dot) com> wrote:
> Two things:
> 1. This was made public sometime in 2012 or earlier IIRC.
> 2. Exploiting this requires the same permission levels that would be
> required to change or access the password anyway. Where's the realistic
> security threat?
>
> Rob
>

Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Jul 12 2013 09:35AM
Marco Ivaldi (raptor mediaservice net)