lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20041221205036.GB5624@sanger.ac.uk>
Date: Tue, 21 Dec 2004 20:50:36 +0000
From: Dave Holland <dh3@...ger.ac.uk>
To: Jonathan T Rockway <jrockw2@....edu>
Cc: bugtraq@...urityfocus.com
Subject: Re: DJB's students release 44 *nix software vulnerability advisories


On Mon, Dec 20, 2004 at 05:14:22PM -0600, Jonathan T Rockway wrote:
> Two points.

Me too, two.

> Regarding local versus remote, look at it this way:  You have a 100%
> secure system.

There's no such thing.

> Then you install NASM.  Now a user FROM THE NETWORK can
> send you some tainted assembly code for you to assemble and he can
> compromise your account.

As has already been pointed out, a user from the network could send me a
shell script containing "rm -rf ~". I'd be mad not to inspect a random
unsolicited shell script before I ran it. I'd be mad not to inspect a
similarly unsolicited NASM file before I assembled it; ditto input to
csv2xml, abcm2ps, or many of the other "vulnerable" programs.

This is not to belittle the effort that went into finding these bugs.
Just to say that labelling them all as "remotely exploitable" is rather
overstating the case.

Dave
-- 
** Dave Holland ** Systems Support -- Special Projects Team **
** 01223 494965 ** Sanger Institute, Hinxton, Cambridge, UK **


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ