s almost no detail (like version,
effect on utorrent), etc.
To the OP: If you want to be taken seriously, you should take more time
to investigate the vulnerability and to learn the right tools (like perl
and netcat in this case) than to write silly scripts that ask for data
that could just be su
the passphrase would play a role in the
encryption.
> Stores passwords in clear text.
Yes - the key must be retrievable in some way, if the password can be
changed without knowledge of the prior password.
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
uld even highlight files that are not common to upload (i.e. no
pictures, as this is probably 90% of file upload usage) and remind the
user of the platform-specific dangers of submitting specific files.
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
images. Adding a tiny bit of spatial filtering might help as well.
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
thing, to make revocation as painless as possible,
to avoid the bias that it might induce in users, when deciding if they
should revoke the key.
However, unless/until there is a way to absolutely painlessly revoke
a key, I am afraid we will have to leave the decision to human judgement.
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
hange a password on a container,
the password will change, so a diff will show where it is stored.
> and I do not see bypassing the passphrase dialog-box as Feature either.
Try your "attack" on a volume that is not cloned from another volume, or
on a volume that has been reencrypted. See it fail.
I will skip commenting on the rest of the mail for obvious reasons.
Regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
o be corrected.
> What's the purpose of having a quarantine control, if by-design, it
> can be circumvented ? ;)
Angel on the left: To remind lazy users to adhere to the security policy.
Devil on the right: Marketing?
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
's like they are doing XOR encoding with a repeating
pattern (which would have exactly the properties you describe).
Possibly, that they are doing some silly kind of key expansion,
by repeating the keyphrase until the keylength is reached.
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
ject: You have received a postcard! Id: 7963
Ah. Good guess.
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
e as well.
About every software that shows builtin external URLs to the user at
some point is "vulnerable" to that.
If we go to the scenario of a user running an untrusted binary, all is
lost anyway.
Kind regards,
Andreas Beck
--
Andreas Beck
http://www.bedatec.de/
coworker that happened to look over your shoulder when you opened the
wrong file. But it is NOT o.k., if an attacker can retrieve the file and
play around with it all day.
CU, Andy
--
= Andreas Beck| Email : <[EMAIL PROTECTED]> =
Bedatec Security Advisory 200212140001
--
Discovered : 2002-12-08
Vendor notified : 2002-12-14 (sorry for the delay, had to check if
default is still set for RH 8.0)
Author : Andreas Beck <[EMAIL PROTEC
> > times,
> Correct, but: the admin should still verify that it is not open
> before deleting it (in his cron job).
As long as there is no atomic "check-if-file-is-open-and-if-not-delete-it"
this just makes exploitation harder by introducing anoth
hen continue on a cryptographically
strong pseudo-random-generator when the pool is empty.
If you drain the random pool for simple stuff like that, it will not be
filled enough for the really important matters like key generation.
CU, Andy
--
= Andreas Beck | Email : <[EMAIL PROTECTED]> =
ever that does not mean, the bug in the lower layers may remain there.
Also note, that - as I already reported to Tom in PM - not all X servers
are affected. I tested the example sites using Mozilla 1.0RC2 on an XGGI
server which is based on rather old X-consortium code IIRC and the
15 matches