Re: White paper: Exploiting the Win32 API.

2002-08-29 Thread Chris Paget
On Wed, 28 Aug 2002 10:25:08 -0700, you wrote:
>Anytime a developer has an application running as system which
>is a rare need, they must realize the security ramifications of
>what they are doing. (That, if a flaw is found in their software,
>they will elevate the privileges of the user).

Agreed

RE: White paper: Exploiting the Win32 API.

2002-08-28 Thread Drew
> -Original Message-
> From: Rothe, Greg (G.A.) [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 27, 2002 10:00 AM
> To: 'Paul Starzetz'; Andrey Kolishak; [EMAIL PROTECTED]
> Subject: RE: White paper: Exploiting the Win32 API.
>
>
> All of this brin

RE: White paper: Exploiting the Win32 API.

2002-08-28 Thread Rothe, Greg (G.A.)
ECTED]
Subject: Re: White paper: Exploiting the Win32 API.

Andrey Kolishak wrote:
>
>There is also article of Symeon Xenitellis "A New Avenue of Attack:
>Event-driven system vulnerabilities"
>http://www.isg.rhul.ac.uk/~simos/event_demo/
>
>
>
In fact, the problem i

Re: White paper: Exploiting the Win32 API.

2002-08-27 Thread Paul Starzetz
Andrey Kolishak wrote:
>
>There is also article of Symeon Xenitellis "A New Avenue of Attack:
>Event-driven system vulnerabilities" http://www.isg.rhul.ac.uk/~simos/event_demo/
>
>
>
In fact, the problem is similar to U*ix signals, except that there is no jump-to-address argument for usual. Re

RE: White paper: Exploiting the Win32 API.

2002-08-10 Thread Kenn Humborg
> So let me get this straight.
>
> Allowing unprivileged processes to send control messages to privileged
> processes is not a flaw in the Win32 API because there is a mechanism
> for applications to protect themselves from this type of attack
> (alternate Windows Stations/Desktops).
>
> But the

RE: White paper: Exploiting the Win32 API.

2002-08-10 Thread Marc Maiffret
From: John Howie [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 06, 2002 10:44 AM
To: Chris Paget; [EMAIL PROTECTED]
Subject: RE: White paper: Exploiting the Win32 API.

Chris,

This class of attack is not new, it has been discussed before. While you can assert that the blame lies with Microsoft

Re: White paper: Exploiting the Win32 API.

2002-08-10 Thread Andrey Kolishak
I believe nothing new in that issue. WM_TIMER tricks were described by Matt Pietrek in 1997, in Microsoft's MSJ
http://www.microsoft.com/msj/defaultframe.asp?page=/msj/0397/hood/hood0397.htm&nav=/msj/0397/newnav.htm
(sample included)

So it was noted already at least 5 years before Jim Allchin.

Re: White paper: Exploiting the Win32 API.

2002-08-09 Thread Simos Xenitellis
Dear All,

The issue of vulnerabilities in event-driven systems has been mentioned last month (7th July 2002) in the vuln-dev mailing list at
http://online.securityfocus.com/archive/82/280912/2002-07-04/2002-07-10/0

Perhaps vuln-dev is not that popular as bugtraq :'(. Time to switch maill