lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 20 Feb 2004 14:58:07 -0800
From: "Drew Copley" <dcopley@...e.com>
To: <1@...ware.com>, <bugtraq@...urityfocus.com>
Subject: RE:  Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)


 

> -----Original Message-----
> From: http-equiv@...ite.com [mailto:1@...ware.com] 
> Sent: Friday, February 20, 2004 1:37 PM
> To: bugtraq@...urityfocus.com
> Subject: Re: is predicatable file location a vuln? (was RE: 
> Aol Instant Messenger/Microsoft Internet Explorer remote code 
> execution)
> 
> 
> 
> <!--  
> 
> > Being able to store arbitrary content in a predictable file 
> >location is  a vulnerability category of its own
> 
> An interesting category, for sure.  I think this point deserves 
> discussion.  Is the use of  predictable file locations really a 
> vulnerability?
> 
>  -->
> 
> If it isn't it should be. I'll give you four that have been put 
> on the back-burner for later realization (make a note that this 
> will be fair warning to the vendor):

If the predictable path involves server or client access, then it is
definitely a security bug. It may be moderate or low risk depending on
the potentiality of abuse and perhaps other factors. But, as a security
bug it should be higher risk then high risk, non-security issues.

With Internet Explorer or Outlook or Winamp and so on... These kinds of
client applications have shown that these issues tend more towards being
moderate security issues of the "configuration error" type.

Anyway, not to be dogmatic, but I do believe this is reasonable. 

If Microsoft is not fixing these issues because they do not consider
them security issues nor even bugs then they are obviously negligent and
grossly so. 



<snip>
> 
> The vendor in all cases, just cannot be bothered to fix any of 
> these things. Simply does not care. It seems that the new mantra 
> is "none of our customer's are affected by it" so let's not fix 
> it.
> 
> WATCH OUT !
> 
> All these will culminate in yet another STENCH ! exploit sooner 
> or later.
> 
> That is a true predicatable path.
> 
> 
> End Call
> 
> 
> -- 
> http://www.malware.com
> 
> 
> 
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ