Message-ID: <20040617133528.82289.qmail@web51504.mail.yahoo.com>
From: keydet89 at yahoo.com (Harlan Carvey)
Subject: USB Auto run function

> I have been interested in a potential exploit that may or may not be an
> issue, I read lately that a potential malicious file could enter a system
> via a USB Memory stick with a structured autorun.pif, and this file would
> operate even if the screen lock is activated.

This is an interesting topic of discussion.  Like one
poster, I first saw this in the most recent issue of
2600.  I began looking into it, and almost immediately
came up with this particular MS KB article:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;136214


As you can see, KB136214 states pretty clearly that
*by default*, autorun.inf file processing is NOT
enabled for USB-connected thumb drives.  I haven't
tested it myself, but another poster has stated that
while items in the "open=" line may not be launched,
the "icon=" line seems to be processed.  

I read Gadi's comments:
http://catless.ncl.ac.uk/go/risks/23/41/4

I had some questions for Gadi, and fired off an email
but have yet to hear back.

While I do agree wholeheartedly that USB-connected
devices are definitely an issue within a network
infrastructure, it's not yet clear to me that they pose
the threats that have been presented.  
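
Added example, not part of the original message or the KB article: a small Python triage script that lists what an `autorun.inf` found on removable media asks the shell to execute versus merely display, following the `open=` / `icon=` distinction discussed above. The function name, the extra keys beyond `open` and `icon`, and the sample file contents are assumptions made for illustration.

```python
import re

# "open" and "icon" are the keys discussed in the message. The other keys
# are further standard autorun.inf entries, included as an assumption about
# what an auditor would also want listed.
EXEC_KEYS = {"open", "shellexecute"}
DISPLAY_KEYS = {"icon", "label"}
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$")  # shell\<verb>\command

def audit_autorun(text):
    """Return (kind, key, value) tuples for entries in the [autorun] section."""
    findings, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_section or "=" not in line:
            continue
        key, value = (p.strip() for p in line.split("=", 1))
        key = key.lower()                          # keys are case-insensitive
        if key in EXEC_KEYS or SHELL_CMD.match(key):
            findings.append(("execute", key, value))
        elif key in DISPLAY_KEYS:
            # icon= may name an .exe or .dll whose icon resource gets loaded
            findings.append(("display", key, value))
        else:
            findings.append(("other", key, value))
    return findings

# Constructed sample, not taken from any real device.
SAMPLE = """\
; constructed example
[AutoRun]
OPEN=setup.exe /quiet
Icon=setup.exe,0
shell\\explore\\command=tool.exe
label=Backup

[Other]
open=ignored.exe
"""

if __name__ == "__main__":
    for kind, key, value in audit_autorun(SAMPLE):
        print(f"{kind:8} {key:24} {value}")
```
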

