lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 18 Jul 2007 10:43:39 -0400
From: "CERT(R) Coordination Center" <cert@...t.org>
To: full-disclosure@...ts.grok.org.uk, pszmaths.usyd.edu.au@...t.org
Cc: cert@...t.org
Subject: Re: Can CERT VU#786920 be right?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Paul,

CERT Coordination Center <cert@...t.org> writes:
>I sent the following to CERT (a few hours ago, no reply yet):
>
>> In http://www.kb.cert.org/vuls/id/786920 you wrote:
>>
>> Disabling the AIM protocol handler will mitigate this vulnerability.
>>
>> To unregister the protocol handlers, delete or rename the following
>> registry keys:
>> HKEY_CLASSES_ROOT\AOL
>>
>> I believe that renaming that key does NOT unregister the handler.
>> Windows looks for registry values of "URL Protocol" (almost?) anywhere
>> within the registry, not just (directly) under HKCR. And anyway, how
>> would renaming AOL to XYZ affect the AIM handler...
>
> Now I wonder if they can in fact be right... please enlighten me.

Thanks for the good feedback, we did some more testing and updated VU#786920:

<http://www.kb.cert.org/vuls/id/786920>

Thanks,

Ryan Giobbi
Vulnerability Analyst
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBRp4pbdQ7jfmvPJrEAQIHYgf/QfaKNH89qGCsyFclNBE7cKScTtI2Y4hT
+h/7waUBvGJyufgLFMmBZFqxKDx2vuGyuxGKlRwCYmlvQ1O1LeFq+zRRz5LIW17n
p1p2ExPp/48/GY29RQzER9nBF5BjY5eyN2hhcjvwX7jXiiP6sQ7Z3Nd7dTkSqYCs
hbggwDpKyF9Fvww/XbpSjPLf/4SRgndtuu5Ge/4++iAmLR6NhXlRUxziICkaj8EW
7CaTTZr2T57NCsrCi3UOiLiZHH2EGNq+AAioWpYgDZP+cBG5r6O8V1pDH9dLFFyv
q4D2ko280B/T8Y4KT0sj49Mctbn2P6/x+nY7Hek8lAeldZ7OsvhWXQ==
=jcbC
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ