| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040916223035.C0FD67A8901@ws4-4.us4.outblaze.com> From: mikieboy at hackermail.com (mike gringo) Subject: re jpeg vuln have previously posted to list under real name of michael simpson so excuse the diff address but maybe shouldn't do this thru work I remember when Cass first told me about the netscape_crash jpeg odd behaviour with windows xp and as i run some xp boxen for the family i had a wee peek interesting behaviour that i noted was when it was sitting on a network folder, any attempt to axs folder by a -at that time unpatched- box it would lead to the usual explorer crash without the necessary user intervention of the click i presume this is due to xp's sneaky peaky cachety looksie that it does with network folders. use for this if one was to astonishingly find oneself in a surprisingly hostile relationship with the IT dept, say, at my place of work and you knew that they were rummaging through the network thru your files, and that they were running a "vuln" os and that they weren't very sophisticated then you could liberally sprinkle both examples of the jpeg bug (strength in depth) throughout the fs especially in the usual places, stuff etc nothing there to see, not wanting to "piss on my chips" as they do pay the mortgage and i'm pretty certain that they don't read my FD folder just a thought mike -- _______________________________________________ Get your free email from http://www.hackermail.com Powered by Outblaze
Powered by blists - more mailing lists