MWC, Inc.- NTsecurity.com would like to inform Internet Community that
MWC, Inc. has discovered a security flaw ("RedButton Bug") in Microsoft
Windows NT v 3.5x, 4.0. The
security problem affects the majority of NT based networks.
The "RedButton Bug" enables a remote user to get unauthorized access to
a part of the NT system including registry and file system. The "RedButton"
utility, which is available for download at
http://www.NTsecurity.com/RedButton/ demonstrates the possibility of such
an access:
* It logs on remotely on a Target computer without presenting any User
Name and Password
* gains access to some of the resources available to Everyone
* determines the current name of Built-in Administrator account (thus
demonstrating that it is useless to rename it)
* reads several registry entries (i.e. displays the name of a Registered
Owner)
* lists all shares (including the hidden ones)
Microsoft has already been notified about this flaw.
MWC, Inc - NTsecurity.com
Network Security Team