Re[2]: [Full-Disclosure] Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation)

From: 3APA3A (3APA3A_at_SECURITY.NNOV.RU)
Date: 07/09/04

  • Next message: Kurt Lieber: "[Full-Disclosure] [ GLSA 200407-08 ] Ethereal: Multiple security problems" 
    To: "Eric Paynter" <eric@arcticbears.com>
Date: Fri, 9 Jul 2004 20:41:58 +0400

    Dear Eric Paynter,

    Yes, it's possible and I always recommend to deny execution in user's
    profile and home directory. But HTML file doesn't need execute
    permission to open. Of cause, in this case then trojan gets executed
    it's harder to infect system, but it's still possible to steal some
    information.

    --Friday, July 9, 2004, 8:26:23 PM, you wrote to full-disclosure@lists.netsys.com:

    EP> On Fri, July 9, 2004 7:43 am, http-equiv@excite.com said:
    >> There are lots of little .tmp files generated and accessible
    >> remotely to be had, Adobe *.pdf's and a vast array of Microsoft
    >> Office 2003 crud to name just two. Many others which have been
    >> identified and discussed in the past as well.

    EP> I think:

    EP> mount /dev/xxxx /tmp -o noexec

    EP> would reduce the risk significantly. Can you do something equivalent in
    EP> Windows?

    EP> -Eric

    EP> --
    EP> arctic bears - affordable custom email and name services
    EP> http://www.arcticbears.com

    EP> _______________________________________________
    EP> Full-Disclosure - We believe in it.
    EP> Charter: http://lists.netsys.com/full-disclosure-charter.html 

    -- 
~/ZARAZA
Существую лишь я сам, никуда не летя. (Лем)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
  • Next message: Kurt Lieber: "[Full-Disclosure] [ GLSA 200407-08 ] Ethereal: Multiple security problems"

    Relevant Pages