Mark Burnett, 2004-12-20
How a seemingly simple Microsoft bug betrayed its author's disdain for a wide range of secure coding principles.
Security Holes That Run Deep
2004-12-20
Anonymous (2 replies)
Security Holes That Run Deep
2004-12-22
michaels (1 reply)
Yes, IIS _doesn't_ bypass NTFS permissions - of course, it can't even do it (w/o great difficulty) - it just opens the file with ASPNET access.
The note about "MS Provide a list ... etc" - this won't help at all.
Currently they are already made publicly aware of when a mistake occurs, and su...
[ more ] [ reply ]
Security Holes That Run Deep
2004-12-23
Anonymous
The design is faulty, or at least the design that states the process runs at such a high privilege level that this sort of thing is possible. There is no need for any application to have direct full access to the system.
When I thought I needed Apache on Unix to run as root, I had to jump throug...
[ more ] [ reply ]
Security Holes That Run Deep
2004-12-26
Anonymous
How can an application "bypass NTFS permissions?"
Simple! Use a Linux machine to access a file share using SMB. No matter what user account is used to validate the login the linux machine gets the NTFS permission set to the user account "System", which grants better access to files than any ad...
[ more ] [ reply ]
Security Holes That Run Deep
2004-12-21
bazzargh
Over here on the Java side of the fence, things aren't much better. The web.xml deployment descriptor adds security-constraints to url-patterns. However, this element is optional and defaults to unsecured. In fact, because it's not possible to say "no constraint applies" to a url pattern, no combina...
[ more ] [ reply ]
Failing Open vs. Closed
2004-12-22
Andy S.
Some systems are configured out of the box to allow access to all configured resources unless a rule is put in place to block access. I can't think of a webserver that doesn't enforce this as its basic policy. Allow all by default unless told otherwise.
Other systems default closed. Some firewalls, ...
[ more ] [ reply ]
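Both bazzargh's point about web.xml defaulting to unsecured and Andy S.'s point about systems that fail open versus closed come down to the same configuration decision. The descriptor below is an added example, not code from either poster or from the article: a hypothetical web application with a catch-all `/*` constraint that denies everything, and then narrower patterns that open `/public/*` and gate `/admin/*` behind a role. The path names, role name and login pages are assumptions for the illustration. The mechanism it relies on is the Servlet specification's own rules: an `auth-constraint` that names no roles forbids access to everyone, a constraint with no `auth-constraint` permits unauthenticated access, and when several patterns match a request the container applies the best (longest-prefix) match.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example, not from the thread. Hypothetical application with three
     areas: /public/* (anonymous), /admin/* (role "admin", TLS only), and
     everything else closed. -->
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">

  <!-- 1. Catch-all, fail closed. An auth-constraint that names no roles
          means "nobody may access this", so any URL not matched by a more
          specific url-pattern below is denied. Without this block the
          container's default is the opposite: everything is open. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>default-deny</web-resource-name>
      <url-pattern>/*</url-pattern>
      <!-- deliberately no <http-method> list: the constraint then covers
           every method, including ones you did not think of -->
    </web-resource-collection>
    <auth-constraint/>
  </security-constraint>

  <!-- 2. Explicit opening. A security-constraint with no <auth-constraint>
          permits unauthenticated access. /public/* is a longer prefix
          match than /*, so this is the constraint the container applies
          to those requests; nothing else is opened by it. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>public</web-resource-name>
      <url-pattern>/public/*</url-pattern>
      <url-pattern>/index.html</url-pattern>
    </web-resource-collection>
  </security-constraint>

  <!-- 3. Restricted area: only authenticated users in role "admin",
          and only over a confidential (TLS) transport. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>admin</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>admin</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- Login pages live under /public so the default-deny rule does not
       lock users out of the login form itself. -->
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/public/login.html</form-login-page>
      <form-error-page>/public/login-error.html</form-error-page>
    </form-login-config>
  </login-config>

  <security-role>
    <role-name>admin</role-name>
  </security-role>
</web-app>
```

Two practitioner caveats. First, the catch-all only stays a catch-all if no constraint lists `<http-method>` elements: as soon as a collection names methods, the methods it does not name fall outside that constraint and are open again, which is exactly the fail-open behaviour the thread complains about; leave the list out, or on Servlet 3.1 or later add `<deny-uncovered-http-methods/>` to the descriptor. Second, with a default-deny descriptor a forgotten path produces a 403 rather than a silently exposed resource, so after deploying, request each path you expect to be open and each you expect to be closed and confirm the container's answer matches the table you intended.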
Security Holes That Run Deep
2004-12-23
Anonymous
The bigger issue is Microsoft's overall posture when it comes to security.
While I know the majority of the software engineers at Microsoft are very dedicated to producing secure and stable code, Microsoft's overall corporate stance has left a lot to be desired.
Microsoft's business plan has always been...
[ more ] [ reply ]
Security Holes That Run Deep
2004-12-29
Anonymous-Philippines (1 replies)
Guys,
Come on now, we all know that there is a trade off between security, functionality and ease-of-use.
Not to defend Microsoft or anything, but, if you consider that during those early times, the need of the market was to have an easy to use product that could connect to the internet. Micr...
[ more ] [ reply ]
Re: Security Holes That Run Deep
2009-06-10
Anonymous - US
Security is written by people. If someone can understand how to make it, someone else can understand how to interpret it. No security is perfect, nor will it ever be, and it's only a matter of time until it's cracked. The idea is to find the best security for now and keep working at it, and I think that...
[ more ] [ reply ]