[VotoEletronico] Re: En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL)
And wich "porra" could it means to my computer operation, my dear friend Alejandro? What could happen with my documents and with my secrets? I remain waiting more informations. Thank you a lot. Carlos Tebecherane Haddad - Original Message - From: Alejandro Carriles [EMAIL PROTECTED] To: mailto:Undisclosed-Recipient:@sv.compuland.com.br Sent: Wednesday, September 20, 2000 1:13 PM Subject: [VotoEletronico] En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) -Mensagem Original- De: [EMAIL PROTECTED] Para: [EMAIL PROTECTED] Enviada em: segunda-feira, 18 de setembro de 2000 18:20 Assunto: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com Double clicking on Office documents may execute arbitrary programs (DLL) -- -- SUMMARY If certain DLLs are present in the current directory when a user double clicks on a Microsoft Office Document or launches the document using "Start | Run", those DLLs will be executed instead of the ones provided with Microsoft Office. This would allow executing of native code and may lead to taking full control over user's computer. DETAILS Vulnerable systems: MS Office 2000 Windows 98 Windows 2000 If either of the following files: riched20.dll or msi.dll Are present in the current directory, double clicking on an Office document in the current directory will cause them to be executes (Loaded, and their DllMain() function called) (Excel seems not to work with riched20.dll but works with msi.dll). Proof of concept: 1) Download dll1.cpp from http://www.guninski.com/dll1.cpp http://www.guninski.com/dll1.cpp and build it. 2) Rename dll1.dll to riched20.dll 3) Place riched20.dll in a directory of your choice 4) Close all Office applications 5) From Windows Explorer double click on an Office document (preferably MS Word document) in the directory congaing riched20.dll Workaround: Do not double click on Office documents or use "Start | Run office.doc". Instead start the Office application from "Start Menu" and then use "File | Open" ADDITIONAL INFORMATION The information has been provided by mailto:[EMAIL PROTECTED] Georgi Guninski. This bulletin is sent to members of the SecuriTeam mailing list. To unsubscribe from the list, send mail with an empty subject line and body to: [EMAIL PROTECTED] In order to subscribe to the mailing list, simply forward this email to: [EMAIL PROTECTED] DISCLAIMER: The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __ __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __
[VotoEletronico] Re: En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL)
Use o StarOffice Carlos. Aristóteles - Original Message - From: Sigmatec [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 21, 2000 10:58 AM Subject: [VotoEletronico] Re: En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) And wich "porra" could it means to my computer operation, my dear friend Alejandro? What could happen with my documents and with my secrets? I remain waiting more informations. Thank you a lot. Carlos Tebecherane Haddad - Original Message - From: Alejandro Carriles [EMAIL PROTECTED] To: mailto:Undisclosed-Recipient:@sv.compuland.com.br Sent: Wednesday, September 20, 2000 1:13 PM Subject: [VotoEletronico] En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) -Mensagem Original- De: [EMAIL PROTECTED] Para: [EMAIL PROTECTED] Enviada em: segunda-feira, 18 de setembro de 2000 18:20 Assunto: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com Double clicking on Office documents may execute arbitrary programs (DLL) -- -- SUMMARY If certain DLLs are present in the current directory when a user double clicks on a Microsoft Office Document or launches the document using "Start | Run", those DLLs will be executed instead of the ones provided with Microsoft Office. This would allow executing of native code and may lead to taking full control over user's computer. DETAILS Vulnerable systems: MS Office 2000 Windows 98 Windows 2000 If either of the following files: riched20.dll or msi.dll Are present in the current directory, double clicking on an Office document in the current directory will cause them to be executes (Loaded, and their DllMain() function called) (Excel seems not to work with riched20.dll but works with msi.dll). Proof of concept: 1) Download dll1.cpp from http://www.guninski.com/dll1.cpp http://www.guninski.com/dll1.cpp and build it. 2) Rename dll1.dll to riched20.dll 3) Place riched20.dll in a directory of your choice 4) Close all Office applications 5) From Windows Explorer double click on an Office document (preferably MS Word document) in the directory congaing riched20.dll Workaround: Do not double click on Office documents or use "Start | Run office.doc". Instead start the Office application from "Start Menu" and then use "File | Open" ADDITIONAL INFORMATION The information has been provided by mailto:[EMAIL PROTECTED] Georgi Guninski. This bulletin is sent to members of the SecuriTeam mailing list. To unsubscribe from the list, send mail with an empty subject line and body to: [EMAIL PROTECTED] In order to subscribe to the mailing list, simply forward this email to: [EMAIL PROTECTED] DISCLAIMER: The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __ __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __ __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __
[VotoEletronico] A INseguranca Urnas Eletronicas
Segue copia de carta enviada ao jornal O Globo. === Ao jornal O Globo, Com referencia ao artigo do Juiz Thiago Ribas Filho, na sua edicao de 20/09, eh essencial esclarecer que o referido artigo esquiva-se dos reais problemas das urnas eletronicas, e fundamenta a defesa das mesmas em simples garantias verbais. Tenho visao diametralmente oposta, que julgo de suma importancia, chegue aos leitores deste conceituado jornal. O equipamento atual da Una, mais o processo vigente criam vulnerabilidades inadmissiveis, as quais o TSE nao consegue contestar, mas tampouco reconhece, e muito menos corrige: 1)Antes de cada eleitor votar, o mesario digita o numero do seu titulo de eleitor num teclado que (pasme) eh ligado a Urna. A justificativa eh que eh preciso controlar a Urna e so desbloquea-la quando ha um novo eleitor para votar. Ocorre porem que ao digitar o numero do titulo, abre-se de cara a real possibilidade do programa da Urna associar o voto e o eleitor, quebrando o sigilo do voto definido na constituicao. Nao pode ser feita esta digitacao. Nossa sugestao eh que haja apenas um botao para liberarcao. 2)Desde 1998, foi eliminado o comprovante de voto que antes axistia. Com isto nao existe mais possibilidade de auditagem, ou recontagem de uma urna. Isto fere o direito dos candidatos a conferencia e impugnacao de secoes com resultados suspeitos, alem do que abre a porta para que eventual erro no programa da urna, ou mesmo fraude, seja virtualmente indetectavel. O programa pode alterar a totalizacao de votos antes da impressao do boletim da secao, e nao ha como evitar ou detectar isto. O voto impresso tem que voltar. 3)Finalmente nao ha garantia de que o programa da urna eh conhecido ou tenha sido testado pelos partidos, ja que o acesso eh parcial, e em tempo insuficiente, alem do que nao ha garantia de que o programa carregado eh aquele que ainda que superficialmente foi apresentado aos partidos. Para ver a que nivel o teste pelos partidos eh inutil, basta dizer que no teste a urna eh carregada com versao de teste, e nao com a versao real de votacao. Combinado com os problemas anteriores, este segredo em torno do programa faz com que o TSE nao possa comprovar que no dia da eleicao nao estara la um programa que se aproveita das falhas dos itens (1) e (2). Nossa sugestao eh corrigir os itens (1) e (2), fazendo com que conhecer o programa nao seja a unica forma de tentar garantir a honestidade da urna. Mesmo assim seria saudavel que o programa fosse aberto, e na verdade nao ha razao para que nao o seja. Os leitores interessados no assunto podem ter bastante material de pesquisa no site http://www.votoseguro.org.br que foi organizado pelo tambem engenheiro Amilcar Brunazzo de Santos. Ali foram se encontrando aqueles que desde 1996 notaram os problemas, como o Brunazzo, eu, e muito mais gente, de todo o Brasil. Sim, ao contrario do que afirma o Dr Thiago, a contestacao vem de longa data. A imprensa tem dado destaque crescente, com citacoes nos principais veiculos. Benjamin Azevedo Engenheiro ... __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __
[VotoEletronico] Re: En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL)
O assunto é off-topic mas tenho uma dica boa para quem quer (ou necessita) continuar utilizando o office... os documentos que vcs produzem certamente não estão espionando vocês. os documentos não confiáveis (qualquer documento que vc não produziu) pode ser lidos no Wordpad (programas, acessorios). Além do Wordpad não ser vulnerável a esse "bug" e compatível com word, ele não executa macros (e consequentemente livra voces de macro vírus). Celso Pinheiro Auditor Especialista em Tecnologia de Informação\ - Original Message - From: "Aristóteles" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 21, 2000 1:02 PM Subject: [VotoEletronico] Re: En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) Todo brasileiro tem direito a um e-mail grátis http://www.bol.com.br Use o StarOffice Carlos. Aristóteles - Original Message - From: Sigmatec [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 21, 2000 10:58 AM Subject: [VotoEletronico] Re: En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) And wich "porra" could it means to my computer operation, my dear friend Alejandro? What could happen with my documents and with my secrets? I remain waiting more informations. Thank you a lot. Carlos Tebecherane Haddad - Original Message - From: Alejandro Carriles [EMAIL PROTECTED] To: mailto:Undisclosed-Recipient:@sv.compuland.com.br Sent: Wednesday, September 20, 2000 1:13 PM Subject: [VotoEletronico] En: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) -Mensagem Original- De: [EMAIL PROTECTED] Para: [EMAIL PROTECTED] Enviada em: segunda-feira, 18 de setembro de 2000 18:20 Assunto: [NT] Double clicking on Office documents may execute arbitrary programs (DLL) The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com Double clicking on Office documents may execute arbitrary programs (DLL) -- -- SUMMARY If certain DLLs are present in the current directory when a user double clicks on a Microsoft Office Document or launches the document using "Start | Run", those DLLs will be executed instead of the ones provided with Microsoft Office. This would allow executing of native code and may lead to taking full control over user's computer. DETAILS Vulnerable systems: MS Office 2000 Windows 98 Windows 2000 If either of the following files: riched20.dll or msi.dll Are present in the current directory, double clicking on an Office document in the current directory will cause them to be executes (Loaded, and their DllMain() function called) (Excel seems not to work with riched20.dll but works with msi.dll). Proof of concept: 1) Download dll1.cpp from http://www.guninski.com/dll1.cpp http://www.guninski.com/dll1.cpp and build it. 2) Rename dll1.dll to riched20.dll 3) Place riched20.dll in a directory of your choice 4) Close all Office applications 5) From Windows Explorer double click on an Office document (preferably MS Word document) in the directory congaing riched20.dll Workaround: Do not double click on Office documents or use "Start | Run office.doc". Instead start the Office application from "Start Menu" and then use "File | Open" ADDITIONAL INFORMATION The information has been provided by mailto:[EMAIL PROTECTED] Georgi Guninski. This bulletin is sent to members of the SecuriTeam mailing list. To unsubscribe from the list, send mail with an empty subject line and body to: [EMAIL PROTECTED] In order to subscribe to the mailing list, simply forward this email to: [EMAIL PROTECTED] DISCLAIMER: The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __ __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __ __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __ __ Pagina, Jornal e Forum do Voto
[VotoEletronico] Re: Publicidade
A respeito de [VotoEletronico] Publicidade, em 21/09/2000, 14:25, Evandro Oliveira escreveu: EO Companheiros, EO Aqui em MG, a Telemar (concessionária de telefonia que atende outras EO unidades da federacao) distribui em suas contas a seguinte mensagem EO comercial... EO "VOTO ELETRONICO: FÁCIL E SEGURO" Pois eu acho que a Telemar está certíssima, Evandro: é muito FÁCIL fraudar o voto, e totalmente SEGURO: ninguém vai descobrir. -- Grande abraço, Roger Chadel Chadel Quality Software http://www.chadel.com.br Extraido de minha coleção de taglines: Impressionante como as coisas caem do céu para mim. (Suzana Werner) /"\ \ / Campanha da fita ASCII - contra mail html X ASCII ribbon campaign - against html mail / \ __ Pagina, Jornal e Forum do Voto Eletronico http://www.votoseguro.org __
