Full Disclosure mailing list archives
RE: Unsecure file permission of ZoneAlarm pro.
From: "Matthew Farrenkopf" <farrenkm () ohsu edu>
Date: Fri, 20 Aug 2004 14:37:41 -0700
Ron DuFresne <dufresne () winternet com> 8/20/2004 1:10:21 PM:
yet, if I read this properly it wasnpt simply and open e-mail
attachment
issue was it, it was open attachment then make suggested changes to
the
system issue wasn't it? If I understood the problem, then it really requres more then a simple luser, it requires the most stupid of
lusers
for it to take. and in that case, we're perhaps better off with
them
DOS'ed? <smile>
Okay, so I didn't make myself clear. Hmm. My contention was that, if permissions are Full for Everyone, then the virus could write changes on its own. Depending on how it works, it's conceivable these changes are not detected by the TrueVector(R) driver. By making changes, that could trip ZA's integrity checks (at some point; after rebooting, perhaps) and cause it to fail. By failing, the user can no longer connect to the Internet and may not understand why or know what to do about it. E-mail w/virus -> (L)user opens -> Runs attachment -> Attachment makes changes to key ZA files since permissions are wide open -> ZA fails integrity check -> denies Internet access. That is the full timeline I had in mind, and the nature of the DoS. Your suggestion reminds me of the "(insert name of group of people here) Virus" (I Googled it to the Kentucky Virus, but I'm sure it has other names), whereby the virus works on the honor system and the user should erase his/her own hard drive. :-) Matt _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load), (continued)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) Barrie Dempster (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) Barrie Dempster (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 22)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 22)
- Re: Unsecure file permission of ZoneAlarm pro. Barry Fitzgerald (Aug 20)
- RE: Unsecure file permission of ZoneAlarm pro. Ron DuFresne (Aug 20)