[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200307151426.h6FEQWMQ010999@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Re: GUNINSKI THE SELF-PROMOTER
On Tue, 15 Jul 2003 08:02:56 EDT, "Richard M. Smith" <rms@...puterbytesman.com> said:
> Ah yes, the Good Time virus. What a silly idea that a virus can execute
> simply by reading an email message. Everyone knows that's
> impossible........
Actually, that's *STILL* impossible. As far as I am aware of, every single
"attack when you open the message" virus/worm is dependent on the fact that
certain mail programs confuse the concept of "reading the message text" and
"executing/interpreting code provided by an attacker". (OK - there's a mostly
theoretical attack overflowing a buffer or something in a 'more/less' type
program, and admittedly there's some borderline cases like the MIME header
overflow documented in CERT CA-1998-10).
Hint - think about why you need different security zones to defend you against
plain non-active text. Those zones are only there because there's *ACTIVE*
content involved.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030715/b787f193/attachment.bin
Powered by blists - more mailing lists