Re: Ten least secure programs
From: David (dcorking_at_yahoo.fr)
Date: 07/07/03
- Previous message: Elvis Ortiz: "Re: proxy - epilot"
- In reply to: David: "Re: Ten least secure programs"
- Next in thread: Chris Berry: "Re: Ten least secure programs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 7 Jul 2003 17:39:57 -0400 To: security-basics@securityfocus.com
On Sun, 06 Jul 2003, David Corking wrote:
> On Wed, 02 Jul 2003, Chris Berry wrote:
>
> > >From: "Roger A. Grimes" <rogerg@cox.net>
> > >It won't load Flash, RealPlayer, Windows Media Player, or most other
> > >plug-ins or Helper
> > >Applications.
> >
> > Good, 95% of these have no legitimate business application anyways, and if
> > they do I can enable them for that user.
>
> The Acrobat Reader plug-in is considered by IE to be an ActiveX
> control. This is where I have to say yes when prompted.
>
> I have heard of the potential of malicious pdf files - but I have not
> heard a specific example. Other security-basics readers know of any?
I need to answer my own question - I forgot about this (snipped from
lwn.net June 26) Of course this is not an exploit of Adobe Acrobat
Reader, but that this exists in another browser's interface to another
PDF viewer pretty much negates my point. Presumably IDS of various
types become the only defence from as yet undiscovered attacks, if you
don't want to ban PDF.
kde: arbitrary code execution
Package(s): kde
CVE #(s): CAN-2003-0204
Created: April 10, 2003 Updated: June 30, 2003
Description: The KDE Security team has issued an advisory on a
vulnerability present in all versions of KDE that allow a remote
attacker to execute arbitrary commands under your account. KDE 3.0.5b
and KDE 3.1.1a have been released to address this problem. For KDE
2.2.2 patches to the KDE 2.2.2 sources have been made available.
KDE uses Ghostscript software for processing of PostScript (PS) and
PDF files in a way that allows for the execution of arbitrary commands
that can be contained in such files.
An attacker can prepare a malicious PostScript or PDF file which will
provide the attacker with access to the victim's account and
privileges when the victim opens this malicious file for viewing or
when the victim browses a directory containing such malicious file and
has file previews enabled.
An attacker can provide malicious files remotely to a victim in an
e-mail, as part of a webpage, via an ftp server and possible other
means.
Alerts: Conectiva CLA-2003:668 2003-06-30
Red Hat RHSA-2003:002-01 2003-05-12
Debian DSA-296-1 2003-04-30
Mandrake MDKSA-2003:049-1 2003-04-24
SuSE SuSE-SA:2003:0026 2003-04-24
Debian DSA-293-1 2003-04-23
Slackware sl-1050682024 2003-04-18
Mandrake MDKSA-2003:049 2003-04-17
Sorcerer SORCERER2003-04-12 2003-04-12
Debian DSA-284-1 2003-04-12
Gentoo 200304-05 2003-04-11
Gentoo 200304-04 2003-04-10
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
- Previous message: Elvis Ortiz: "Re: proxy - epilot"
- In reply to: David: "Re: Ten least secure programs"
- Next in thread: Chris Berry: "Re: Ten least secure programs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
