Reported July 5, 2001, by Ken Pfeil.
VERSION AFFECTED
-
Rhode Island Soft Systems’ 4th of July Fireworks demo screensaver for Windows 2000, Windows NT, and Windows 9x
DESCRIPTION
A back door exists in the 4th
of July Fireworks demo screensaver from Rhode Island Soft Systems. By
pressing the space bar on the keyboard, it's possible to circumvent the
screensaver's lock workstation function. A malicious user can make the default
Web browser appear with the Rhode Island Soft System Web site by using the
security context of the currently logged-on user. From there, the attacker can
run explorer.exe in the browser’s address window to get the desktop and to run
any other program under this context. A malicious user can also exploit this
vulnerability remotely through Windows 2000 Terminal Services Advanced Client
(formerly known as Terminal Services Web Client).
VENDOR RESPONSE
The vendor, Rhode Island Soft Systems, was notified about this vulnerability, but doesn't intend to release a fix for this issue. To work around this problem, a user can uninstall the demo screensaver software.
CREDIT
Discovered by Steve
Johns.