collections of such files.
Is it a big security exposure issue?
That depends on your situation, the risks you're prepared to accept,
etc, etc.
Does disclosing this issue so more people are aware of it help or hurt?
Regards,
Nick FitzGerald
such.
Regards,
Nick FitzGerald
takes the published
PoC and adds it to one or more of the various web exploitation kits out
there...
Regards,
Nick FitzGerald
probably have
system updates disabled.
Regards,
Nick FitzGerald
sense did you discovr this?
Why do you think we might care?
And do you have you any idea of whether and/or how it actually works?
Regards,
Nick FitzGerald
(if not perfect) chance of success.
Regards,
Nick FitzGerald
that this attacker will come back, it equally does nothing to close the
hole they used in the first place, and the next attacker searching for
that hole will hit you just as easily and indiscriminately...
Regards,
Nick FitzGerald
obviously, but by some other form -- this kind of
specialist ignorance is behind well-considered physicists and
mathematicians being taken in by demonstrations of paranormal ability
that professional magicians always see through).
Regards,
Nick FitzGerald
and snews URI handlers...
Regards,
Nick FitzGerald
exploit...
Regards,
Nick FitzGerald
use such simple things as OSK's and your OTP
card?
Regards,
Nick FitzGerald
, those who develop security solutions
for the banking fraternity.
Regards,
Nick FitzGerald
noting this may not be the case.
And they made an obvious (or much more subtle) error like this where?
Regards,
Nick FitzGerald
slackers
gets the rating of the severity and scope of this kind of vuln right.
Any hope of Linux distro folk getting that clued?
Regards,
Nick FitzGerald
careful about our use of
terminology, this should all have been rather clear from the start.
Regards,
Nick FitzGerald
: This value is
not supported.
Of course, what the dox say and what works may be two different
things...
Regards,
Nick FitzGerald
]
the lessons of history, but as computer science in general, and comp-
sec in particular, in its geek-oid rush to be at the bleeding edge of
change seems to put so little value in teaching (or learning) its
history, I expect the effect would be lost...
--
Nick FitzGerald
Computer Virus Consulting
may
not please the list moderators (or at least, may agitate their lawyers
were the moderators to accept such a posting), one will resist...
Regards,
Nick FitzGerald
[EMAIL PROTECTED] wrote:
Anyone know anything about:
http://www.frame4.net/mdpro
It appears to be a pay for VX site.
There've been a couple already that, AFAICT, just faded away.
I mean, why pay for it when the bad guys shovel it at you faster than
most folk can keep up??
Regards,
Nick
on.
Regards,
Nick FitzGerald
admin passwords on Internet-visible Windows
networking) it's a fair bet that banner scanning and the like to find
them won't be detected _at the sites hosting these ServU servers_.
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
this out _in advance of
taking their money_ to all future potential customers...
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
, depending on the
open method used, depsite having been renamed to a non-EXE
extension.
Thus, http-equiv's discovery that a non-extensioned EXE could be
launched through one of these code execution holes is not all that
surprising...
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3
to
the spread like crazy mode.
Regards,
Nick FitzGerald
[EMAIL PROTECTED]
Network Associates (US)[EMAIL PROTECTED]
Norman (NVC) [EMAIL PROTECTED]
Sophos Plc.[EMAIL PROTECTED]
Symantec [EMAIL PROTECTED]
Trend Micro[EMAIL PROTECTED]
--
Nick
; first null line
; is message body
(This comment is repeated later in Appendix D too.)
I'm afrain that Notes is correct on here
Yes -- a pity the drafters of those RFCs wrote them so ambiguously
and I've always preferred words to formulae (diagrams are good
though...).
Regards,
Nick
, nor should the email
clients be crashing.
I agree the clients shouldn't crash when processing out of bounds
input, but the point would be all but moot if the servers were doing
what they should.
Regards,
Nick FitzGerald
for some annoying local DoS and Trojan effects though). (For
those who don't know -- some spammers have been using this hole to
add Favorites to IE and even change its start page to point to
their sites, and of course it has been extensively used by several
viruses...)
Regards,
Nick FitzGerald
s that generate them.
Excellent decision!
(BTW, for those not on SF's Focus-Virus list, we had a rather
"animated" discussion of these issues a couple of weeks back.)
Regards,
Nick FitzGerald
n use regedit.exe to find all
instances of "NeverShowExt" and rename them to "disabled_NeverShowExt".
8-)
Definitely a good start!
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
s with network drives that
are mapped to a drive letter with Windows Explorer or mounted with
the Microsoft Management Console (MMC). As with mounted hardware,
a mounted network drive must have an Autorun.inf file in its root
directory, and must not be disabled through the registry.
--
N
mail scanning system
that does not process message bodies has been a dead-duck. In a
perfect world, that means your point would be moot, but in this
world...
Regards,
Nick FitzGerald
networks, the use of the management tools should make
automating this very easy...
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
MI and some others models), you can
try CmosPwd (Dos/Win9x, WinNT, Linux versions) avaible at
http://www.esiea.fr/public_html/Christophe.GRENIER/
*If* you have boot access, this is a very handy little util! (If
you don't have boot access, a screw-driver and a good memory for
mainboard layouts
.
Note: I could not bring myself to enable Active Desktop, even
just for the duration of this testing. I *presume* it acts the same
as the My Computer interface (which is really a "dumbed-down
Explorer"), but would welcome results from anyone who has tried.
--
Nick FitzGerald
Computer Virus Consulting Ltd. (NZ)
Ph/FAX: +64 3 3529854
ect".
Regards,
Nick FitzGerald
imply refusing en masse to
use products whose developers do not provide adequate and timely file
format details to our security product developers -- if no-one is
using a product there cannot be a compelling business reason to do
so, so ill-informed managerial pressure to adopt the product would be
weakened
y be advisable to develop an
authentication mechanism for this feature" is a classic example of
the contempt in which security is held amongst designers at Richmond.
Regards,
Nick FitzGerald
38 matches
Mail list logo
