re jpeg vuln

["mike gringo" <mikieboy () hackermail com>]

have previously posted to list under real name of michael simpson so excuse the diff address but maybe shouldn't do 
this thru work

I remember when Cass first told me about the netscape_crash jpeg odd behaviour with windows xp and as i run some xp 
boxen for the family i had a wee peek
interesting behaviour that i noted was
when it was sitting on a network folder, any attempt to axs folder by a -at that time unpatched- box it would lead to 
the usual explorer crash without the necessary user intervention of the click
i presume this is due to xp's sneaky peaky cachety looksie that it does with network folders.
use for this 
if one was to astonishingly find oneself in a surprisingly hostile relationship with the IT dept, say, at my place of 
work
and you knew that they were rummaging through the network thru your files, and that they were running a "vuln" os and 
that they weren't very sophisticated then you could liberally sprinkle both examples of the jpeg bug (strength in 
depth) throughout the fs especially in the usual places, stuff etc 

nothing there to see, not wanting to "piss on my chips" as they do pay the mortgage and i'm pretty certain that they 
don't read my FD folder
just a thought

mike
-- 
_______________________________________________
Get your free email from http://www.hackermail.com

Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html