| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Oct 2007 21:15:57 +1300 From: Nick FitzGerald <nick@...us-l.demon.co.uk> To: vulnwatch@...nwatch.org, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow iDefense Labs wrote: <<...>> > V. WORKAROUND > > Deleting the all sub-keys of the following registry keys will remove the > 'news' and 'snews' protocol handlers: > > HKEY_CLASSES_ROOT\news\shell > HKEY_CLASSES_ROOT\snews\shell If you want to do a thorough job of such mitigation as a Q&D fix, you may also need to nuke the HKEY_CLASSES_ROOT\nntp\shell entry. I can't easily test the viability of exploiting this via an nntp:// URI just now, but "nntp" is normally registered (at least with OE -- can someone check for Windows Mail?) with exactly the same sub-keys and values as the "news" and "snews" URI handlers... Regards, Nick FitzGerald
Powered by blists - more mailing lists