lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 21 Sep 2007 09:50:24 +0530
From: "Antivirus Taneja" <taneja.security@...il.com>
To: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
Cc: Aditya K Sood <zeroknock@...niche.org>, bugtraq@...urityfocus.com,
	full-disclosure@...ts.grok.org.uk
Subject: Re: 0day: PDF pwns Windows

Hi,

Too interesting and dangerous....Last couple of months there were PDF
spamming (Stocks Information)  all over the internet..I analyzed those PDF i
didn't find any such thing....Did you checked them? Are they related to any
vulnerability?

Regards,
Taneja Vikas
http://annysoft.wordpress.com


On 9/20/07, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
>
> > My upcoming research feature everything regarding this and the issue you
> > have
> > already discussed.
>
> really :).. which one... the one from last year?
>
> On 9/20/07, Aditya K Sood <zeroknock@...niche.org> wrote:
> > pdp (architect) wrote:
> > > http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
> > >
> > > I am closing the season with the following HIGH Risk vulnerability:
> > > Adobe Acrobat/Reader PDF documents can be used to compromise your
> > > Windows box. Completely!!! Invisibly and unwillingly!!! All it takes
> > > is to open a PDF document or stumble across a page which embeds one.
> > >
> > > The issue is quite critical given the fact that PDF documents are in
> > > the core of today's modern business. This and the fact that it may
> > > take a while for Adobe to fix their closed source product, are the
> > > reasons why I am not going to publish any POCs. You have to take my
> > > word for it. The POCs will be released when an update is available.
> > >
> > > Adobe's representatives can contact me from the usual place. My advise
> > > for you is not to open any PDF files (locally or remotely). Other PDF
> > > viewers might be vulnerable too. The issues was verified on Windows XP
> > > SP2 with the latest Adobe Reader 8.1, although previous versions and
> > > other setups are also affected.
> > >
> > > A formal summary and conclusion of the GNUCITIZEN bug hunt to be
> expected soon.
> > >
> > > cheers
> > >
> > >
> > Hi
> >
> >          Your point is right. But there are a number of factors other
> > than this
> > in exploiting pdf  in other sense. My latest research is working over
> the
> > exploitation of PDF.
> >
> > Even if you look at the core then there are no restriction on READ in
> PDF
> > in most of the versions. Only outbound data is filtered to some extent.
> you
> > can even read /etc/passwd file from inside of PDF.
> >
> > Other infection vector includes infection through Local Area Networks
> > through
> > sharing and printing PDF docs and all.
> >
> > My upcoming research feature everything regarding this and the issue you
> > have
> > already discussed.
> >
> > Regards
> > Aks
> > http://ww.secniche.org
> >
> >
> >
>
>
> --
> pdp (architect) | petko d. petkov
> http://www.gnucitizen.org
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ