Re: Linux - Poster child for security glitches

From: Peter Köhlmann (Peter.Koehlmann@t-online.de)
Date: 11/25/02

• Next message: Floyd Davidson: "Re: Linux - Poster child for security glitches"
• Previous message: Kasper Dupont: "Re: Linux - Poster child for security glitches"
• In reply to: Kasper Dupont: "Re: Linux - Poster child for security glitches"
• Next in thread: Floyd Davidson: "Re: Linux - Poster child for security glitches"
• Reply: Floyd Davidson: "Re: Linux - Poster child for security glitches"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Peter Köhlmann <Peter.Koehlmann@t-online.de>
Date: Mon, 25 Nov 2002 12:44:13 +0100

Kasper Dupont wrote:

> Erik Funkenbusch wrote:
>>
>> nospam <ononono@nospam.com> wrote:
>> >> In article <3ddf5623.120319830@news1.attglobal.net>, Subba Rao
>> >> wrote: And we're *always* hearing about e-mail trojan horses running
>> >> amok because the e-mail client will run the trojan horse simply by
>> >> having the preview pane of the e-mail client open.
>> > Interesting!!!
>> > And which email client would that be?
>>
>> It's not as if Windows is alone in that problem. For instance,
>> Fetchmail, prior to the recent patch, will execute arbitrary code
>> simply by *RECEIVING*
>> an email. You don't even have to open or preview it.
>
> KMail has also done a good job in becoming vulnurable.
> Here is a story about KMail starting Wine just so it
> could execute the klez virus:
>
> http://articles.linuxguru.net/view/198
>
> The article incorrectly makes this sound like a Wine
> problem, obviously it is a KMail problem.
>

It is also incorrect about certain Wine setup stuff.
I am not at all sure if it is not just a hoax

And what site is this running on? It is slow as hell, with ping times of
about 140ms.

Peter

-- 
I doubt, therefore I might be.

---

• Next message: Floyd Davidson: "Re: Linux - Poster child for security glitches"
• Previous message: Kasper Dupont: "Re: Linux - Poster child for security glitches"
• In reply to: Kasper Dupont: "Re: Linux - Poster child for security glitches"
• Next in thread: Floyd Davidson: "Re: Linux - Poster child for security glitches"
• Reply: Floyd Davidson: "Re: Linux - Poster child for security glitches"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Linux - Poster child for security glitches ... >> And which email client would that be? ... > prior to the recent patch, will execute arbitrary code simply by *RECEIVING* ... KMail has also done a good job in becoming vulnurable. ... The article incorrectly makes this sound like a Wine ... (comp.os.linux.security) Re: [SLE] [OT] Proposed SuSE List Etiquette ... to my address book and created a short nickname, ... That too is easily fixed with proper mailer, ... Kmail has one of those brain-dead regions as well. ... different email client or by fixing it manually ... (SuSE) Re: [SLE] [OT] Proposed SuSE List Etiquette ... That too is easily fixed with proper mailer, ... Kmail has one of those brain-dead regions as well. ... up with a message set up with NO adressee... ... different email client or by fixing it manually ... (SuSE) Re: [opensuse] SuSE tainted ... With Kmail, you can even assign an entire thread to ... and those complaining that its too hard ... to wade thru need to learn how to run their email client. ... (SuSE) Re: email client ... > How do I do that and which email client is easy to use? ... kmail or mutt are the de-facto MUAs. ... I use mutt, myself, but Windows ... `'` proud Debian admin and user ... (Debian-User)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2002-11