| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Aug 2010 17:20:20 -0400 From: Charles Morris <cmorris@...odu.edu> To: Dan Kaminsky <dan@...para.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>, "paul.szabo@...ney.edu.au" <paul.szabo@...ney.edu.au> Subject: Re: DLL hijacking with Autorun on a USB drive On Tue, Aug 31, 2010 at 5:15 PM, Dan Kaminsky <dan@...para.com> wrote: > > Again, the clicker can't differentiate word (the document) from word (the > executable). The clicker also can't differentiate word (the document) from > word (the code equivalent script). > > The security model people keep presuming exists, doesn't. > > Even the situation whereby a dll is dropped into a directory of documents -- > the closest to a real exploit path there is -- all those docs can be > repacked into executables. > What? I can differentiate my coolProposal.doc from msword.exe just fine.. If your statement is that the windows defaults should be changed, including the "hide extensions" default, then I wholeheartedly agree as I detailed in my first post. It's the first thing I turn off. Many people who think the same way have considered that a vulnerability in windows for years, I wouldn't consider it part of the "DLL Hijacking" fiasco. Cheers, Charles _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists