lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: oscar.fajardo at atosorigin.com (Oscar Fajardo Sanchez)
Subject: USB Auto run function

  This issue has been discused in pentest list. Take a look at: 

  http://archives.neohapsis.com/archives/sf/pentest/2004-05/0136.html

  Regards.

----- Original Message -----
From: "Aditya, ALD [ Aditya Lalit Deshmukh ]" 
<aditya.deshmukh@...ine.gateway.technolabs.net>
Date: Friday, June 18, 2004 10:36 am
Subject: Re: [Full-Disclosure] USB Auto run function

> > I have been interested in a potential exploit that may or may 
> not be an 
> > issue, I read lately that a potential malicious file could enter 
> a system 
> > via a USB Memory stick with a structured autorun.pif , and this 
> file would 
> > operate even if the screen lock is activated .
> 
> this is true only for cdroms where the autorun has been enabled, 
> winxp does scan for the removable drives but does not run the 
> program based on the autorun but the type of files on the 
> reemovable drive
> 
> -aditya
> ??????????????????????????????????????????????????????
> ?b???v?"?.axZ?x??????Gb?*'??.?[kj???.?j)m???r??
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

-----------------------------------------------------------------
This e-mail and the documents attached are confidential and intended solely
for the addressee; it may also be privileged. If you receive this e-mail
in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the sender does
not warrant that this transmission is virus-free and will not be liable for
any damages resulting from any virus transmitted.

"Este mensaje y los ficheros adjuntos pueden contener informaci?n
confidencial destinada solamente a la(s) persona(s) mencionadas
anteriormente. Pueden estar protegidos por secreto profesional Si usted
recibe este correo electr?nico por error, gracias de informar inmediatamente
al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red, Atos
Origin no se hace responsable por su contenido. Su contenido no constituye
ning?n compromiso para el grupo Atos Origin, salvo ratificaci?n escrita por
ambas partes.
"Aunque se esfuerza al m?ximo por mantener su red libre de virus, el emisor
no puede garantizar nada al respecto y no ser? responsable de cualesquiera
da?os que puedan resultar de una transmisi?n de virus"
------------------------------------------------------------------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ