Version: 2008
  • On GameSpot: Next-gen DS, Xbox tech contracts set?
advertisement

Microsoft Windows NT 4.0 - Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data 1.0

  • Quick specs
  • Price: Update
  • Operating system: Windows NT
  • Date added: January 30, 2002
  • Total Downloads: 326
  • Downloads last week: 1
  • See full specifications
Add to my list Add to my Watch List
Download Now
Tested spyware free

Publisher's description

From Microsoft :

Trust relationships are created between Windows NT or Windows 2000 domains to allow users in one domain to access resources in other domains without requiring them to authenticate separately to each domain. When a user in a trusted domain requests access to a resource in a trusting domain, the trusted domain supplies authorization data in the form of a list of Security Identifiers (SIDs) that indicate the user's identity and group memberships. The trusting domain uses this data to determine whether to grant the user's request.

A vulnerability exists because the trusting domain does not verify that the trusted domain is actually authoritative for all the SIDs in the authorization data. If one of the SIDs in the list identified a user or security group that is not in the trusted domain, the trusting domain would accept the information and use it for subsequent access control decisions. If an attacker inserted SIDs of his choice into the authorization data at the trusted domain, he could elevate his privileges to those associated with any desired user or group, including the Domain Administrators group for the trusting domain. This would enable the attacker to gain full Domain Administrator access on computers in the trusting domain.

CNET Editor's Note: See also: Microsoft Windows NT Security Roll-up

QuickBooks Simple Start Online Free Edition
Create invoices, track payments, and manage expenses.
Download Now

More popular Operating Systems & Updates downloads

  1. 53,112 downloads 1. CNET TechTracker app
  2. 21,805 downloads 2. DriverMax
  3. 7,757 downloads 3. Windows 7 USB/DVD Download Tool
  4. 5,684 downloads 4. Windows XP Media Center Edition
  5. 5,568 downloads 5. Windows XP Service Pack 3
  6. See all Operating Systems & Updates downloads
Mac Starter Kit
Everything you need to get your Mac up to speed.
Download Now

User reviews

Write your own review Be the first one to review Microsoft Windows NT 4.0 - Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data 1.0 and share your experience with the CNET community!

Submit your review

Log in or create an account to submit your review for:

Microsoft Windows NT 4.0 - Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data 1.0

 ORLog in with your Facebook account
1. Rate this product:
(Mouse over the stars to rate this product and click to set your rating.)
2. One-line summary:(Summarize your review in one line. 10 characters minimum; required.)
0 of 55 characters
3. Pros:(Tell us what you like about this product. 10 characters minimum; required.)
0 of 250 characters
4. Cons:(Tell us what you don't like about this product. 10 characters minimum; required.)
0 of 250 characters
Bottom-line summary:(Explain to us in detail why you like or dislike the product, focusing your comments on the product's features and functionality, and your experience using the product. This field is optional.)
0 of 5000 characters

The posting of advertisements, profanity, or personal attacks are prohibited.
Click here to review our site terms of use.

Submit
See more CNET content tagged:
Microsoft Corp.,
Microsoft Windows NT,
access control,
domain,
security

advertisement
Click Here
download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET