Hi, Has any company looked into the issue of desktop search programs being an attack vector for malware? I'm wondering if a booby-trapped document file can be placed on a system that will cause a buffer error in a desktop search bot. The buffer overflow can then be used to install and run malware. Such a file can be delivered as an attached file to an email message or downloaded on the sly to a browser cache.
Also can a desktop search bot be DoSed by having it index an exploding .ZIP which is modest in size but contains many terrabytes of document files? Richard _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
