lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.2.00.1201191158020.10472@localhost.localdomain>
Date: Thu, 19 Jan 2012 12:04:57 +0100 (CET)
From: Juergen Schmidt <ju@...de>
To: Floste <floste@....de>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Avast Antivirus

On Tue, 17 Jan 2012, Floste wrote:

> Hello,
>
> Avast Antivirus also comes with sandbox and a "SafeZone". But both can
> be circumvented using simple dll-injection and they seem to do nothing
> about it: http://forum.avast.com/index.php?topic=82291.0
>
> Maybe this post here will encourage them to fix it.

In my understanding a sandbox is not supposed to prevent you from getting 
in from the outside but from escaping from the inside. So if a sandboxed 
process injects a DLL in say a running IE process outside -- then we are 
talking about vulns


bye, ju



--
Juergen Schmidt       Chefredakteur  heise Security     www.heisec.de
Heise Zeitschriften Verlag, Karl-Wiechert-Allee 10 ,   D-30625 Hannover
Tel. +49 511 5352 300      FAX +49 511 5352 417       EMail ju@...sec.de
GPG-Key: 0x38EA4970,  5D7B 476D 84D5 94FF E7C5  67BE F895 0A18 38EA 4970

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ