[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <43D01969.4040107@redsand.net>
Date: Thu Jan 19 22:57:51 2006
From: redsand at redsand.net (redsand)
Subject: Security Bug in MSVC
like selling all my M$ Excel exploits
ad@...poverflow.com wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>and me I think most FD members are desesperate of such newcomer
>comments, you have nothing to say interesting about his work he's
>doing before you were born.
>
>redsand wrote:
>
>
>>i think the author of this advisory is desperate for advisories or
>>attention.
>>
>>either way he needs to open a disassembler and work on something
>>else.
>>
>>Pavel Kankovsky wrote:
>>
>>
>>
>>>On Tue, 17 Jan 2006, Morning Wood wrote:
>>>
>>>
>>>
>>>
>>>
>>>>extract, and open hello.dsw click "batch build, build" or
>>>>"rebuild all" code will execute ( calc.exe and notepad.exe used
>>>>as an example )
>>>>
>>>>
>>>>
>>>What's the point of building a bunch of sources unless 1. you
>>>trust their author, or 2. you have made sure their is nothing
>>>malicious there?
>>>
>>>When you build an executable from untrusted sources, you get an
>>>untrusted executable. Either you run it and you're screwed
>>>anyway, or you don't run it and you wasted your time building it.
>>>
>>>
>>>(Indeed, there are some marginal cases like when you want to
>>>build an executable file intended to run on someone else's
>>>computer...)
>>>
>>>--Pavel Kankovsky aka Peak [ Boycott
>>>Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open
>>>your source code and prepare for assimilation."
>>>
>>>_______________________________________________ Full-Disclosure -
>>>We believe in it. Charter:
>>>http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
>>>sponsored by Secunia - http://secunia.com/
>>>
>>>
>>>
>>>
>>_______________________________________________ Full-Disclosure -
>>We believe in it. Charter:
>>http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
>>sponsored by Secunia - http://secunia.com/
>>
>>
>>
>>
>>
>
>7
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.2 (MingW32)
>
>iQIVAwUBQ9AV6a+LRXunxpxfAQIl+A//XQq/5cyAlFC1SPGGqtQ0dG+S/NwGUzzv
>Z7ztPO91djMBVqHq1sNKwpwGwvl9KDXANuxl+lSRpW4KaoXIfORFhbO+jFHkkENN
>mcLVmLVuzDzO9a5RPCSb1NdIvPMSulJCV+4uoZyc45qG1Vw6qNugISnZm8R2CZk+
>+V+VqB8cpl34JdL7tfPPn5Gcs4QRJiNcFfFsT0duG1p2EGuLzbvNqgqPcISSL+MZ
>fNDrbRHk+PpkIz0Z1bxdAt9v/ijJ/c+vWASa0jO9tPtUEdsYfJYFC2LOUpw659rS
>DAiMxxKPPt2tFR7n4PyIridzrYRNd9UrwbMsiTaD8aOIIZHmhac3+vfVbOv+zOEz
>L2s8Sv5FanlsEI/zcK5DCSL6aRAVY98Uhq796qFrwAGkmCP1umfQGb/dFn+hmqd/
>4WwA/Qzv9vBBRqKUssiASwock5s/Vpb9y9OdPjkcN1QYVOm1RxPaA8uFKRfZ34v1
>sFGzefTOo4xYFuuPuXB+Uz2/yDhvrPuqsiQdvtz7jQ56NxTQmxuLN2fy5Uh1Pc7L
>1bnvW5FSFAboD95uaIfFvzu5oclQnXLJBgCjQCVjhXR1FUX/vOc+8ydcF5dUiLkk
>+iOMKvOvyzgGwuXR8z6tTXkPpEtJkb4xSej/JFHHpcUwSK/teUlHE6eODczAZtop
>S4l5HkauGb0=
>=Yi5I
>-----END PGP SIGNATURE-----
>
>
>
Powered by blists - more mailing lists