Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP id LAA13292; Mon, 17 May 2004 11:57:44 -0400 (EDT) Received: from pch.mit.edu (localhost [127.0.0.1]) by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i4HFvhos027271 for ; Mon, 17 May 2004 11:57:44 -0400 (EDT) Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i4E0wqos010054 for ; Thu, 13 May 2004 20:58:52 -0400 (EDT) Received: from envelope.rose-hulman.edu (envelope.rose-hulman.edu [137.112.8.21])i4E0woNF010803 for ; Thu, 13 May 2004 20:58:51 -0400 (EDT) Received: from gurganbl1 (gurganbl.student.rose-hulman.edu [137.112.133.237]) (authenticated (0 bits)) by envelope.rose-hulman.edu (8.11.6/8.11.6) with ESMTP id i4E0wlo05868 for ; Thu, 13 May 2004 19:58:48 -0500 (EST) Message-Id: <40A419BD.8090208@rose-hulman.edu> Date: Thu, 13 May 2004 19:58:37 -0500 From: Brant Gurganus User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502) X-Accept-Language: en-us, en MIME-Version: 1.0 To: krb5-bugs@mit.edu Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Antivirus: avast! (VPS 0420-3, 05/13/2004), Outbound message X-Antivirus-Status: Clean X-Mailman-Approved-At: Mon, 17 May 2004 11:57:43 -0400 Subject: issues found with Microsoft's Application Verifier X-Beenthere: krb5-bugs-incoming@mit.edu X-Mailman-Version: 2.1 Precedence: list Sender: krb5-bugs-incoming-bounces@mit.edu Errors-To: krb5-bugs-incoming-bounces@mit.edu Content-Length: 2141 These issues were found with Microsoft's Application Verifier (free): krbcc32.dll supplied a possibly-untrustworthy owner for an object. (krbcc32.dll:00001949) Object created/set by CreateFileMapping: krbcc.1144838.auth is owned by GURGANBL-1\gurganbl The application assigned an object (file, registry key, etc.) security descriptor specified an owner who may or may not be fully trusted. Any object's owner is automatically granted the ability to change the security permissions on that object (WRITE_DAC). The owner (listed in the message) should be reviewed to determine if this is safe. If this object is only to be accessed by the owner, then this message can be ignored. This message means that security problems MAY exist with the object in question. krb5_32.dll uses an obsolete API (krb5_32.dll:0000D12C) API: GetPrivateProfileStringA [4x] The application called an obsolete API. Applications should not call obsolete APIs. Find and use current APIs instead. When spoofed to look like a future version of Windows, leash32.exe has an Application Error. The application failed to initialize properly (0xc0000005). Click on OK to terminate the application. The message appears twice. The spoofed Windows version is: 7.2.4500. leashw32.dll accessed an object whose owner may by untrustworthy. (leashw32.dll:00005A4B) Object accessed by OpenProcess: 1552 is owned by GURGANBL-1\gurganbl The application opened an object (file, registry key, etc.) whose security descriptor specified an owner who may or may not be fully trusted. Any object's owner is automatically granted the ability to change the security permissions on that object (WRITE_DAC). The owner (listed in the message) should be reviewed to determine if this is safe. If this object is only to be accessed by the owner, then this message can be ignored. The object may have been created by another application-- this message means that the infrastructure on which this application is built MAY have security issues. The entity responsible for setting the security of the object should be identified and informed of the potential problem.