• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Netmeeting Local Session Hijacking Vulnerability

Microsoft Netmeeting allows a user to share their desktop to a remote user through the Remote Desktop Sharing service.

While the remote user is connected to the Remote Desktop Sharing host, a local user can interrupt the session and gain control over the host even if a password protected screensaver is enabled. The attacker would only be able to gain the privileges of the locally logged on user.