Date: Thu, 13 May 2004 19:58:37 -0500
From: Brant Gurganus <gurganbl@rose-hulman.edu>
To: krb5-bugs@mit.edu
Subject: issues found with Microsoft's Application Verifier

These issues were found with Microsoft's Application Verifier (free):

krbcc32.dll supplied a possibly-untrustworthy owner for an object.
(krbcc32.dll:00001949) Object created/set by CreateFileMapping:
krbcc.1144838.auth is owned by GURGANBL-1\gurganbl
The application assigned an object (file, registry key, etc.) security
descriptor specified an owner who may or may not be fully trusted. Any
object's owner is automatically granted the ability to change the
security permissions on that object (WRITE_DAC). The owner (listed in
the message) should be reviewed to determine if this is safe. If this
object is only to be accessed by the owner, then this message can be
ignored. This message means that security problems MAY exist with the
object in question.

krb5_32.dll uses an obsolete API
(krb5_32.dll:0000D12C) API: GetPrivateProfileStringA [4x]
The application called an obsolete API. Applications should not call
obsolete APIs. Find and use current APIs instead.

When spoofed to look like a future version of Windows, leash32.exe has
an Application Error.
The application failed to initialize properly (0xc0000005). Click on OK
to terminate the application.
The message appears twice. The spoofed Windows version is:
7.2.4500.

leashw32.dll accessed an object whose owner may by untrustworthy.
(leashw32.dll:00005A4B) Object accessed by OpenProcess: 1552 is owned by
GURGANBL-1\gurganbl
The application opened an object (file, registry key, etc.) whose
security descriptor specified an owner who may or may not be fully
trusted. Any object's owner is automatically granted the ability to
change the security permissions on that object (WRITE_DAC). The owner
(listed in the message) should be reviewed to determine if this is
safe. If this object is only to be accessed by the owner, then this
message can be ignored. The object may have been created by another
application-- this message means that the infrastructure on which this
application is built MAY have security issues. The entity responsible
for setting the security of the object should be identified and informed
of the potential problem.