Full Disclosure mailing list archives
Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe
From: Reindl Harald <h.reindl () thelounge net>
Date: Wed, 21 May 2014 19:46:15 +0200
Am 21.05.2014 19:39, schrieb Tavis Ormandy:
1. The users who do not have Administrator privileges; These users cannot exploit this issue, because they can't write to C:\ 2. The users who do have Administrator privileges. These users can write to C:\, but why bother, they're already Administrators?
you just don't understand the problem creating "C:\Program.exe" with whatever permissions should not lead in any random installer ist executing that
Of course, this changes if someone can demonstrate how to create C:\Program.exe without Administrator access
you just don't understand the problem the existence of "C:\Program.exe" must not have any bad affect for any random installer not intending to execute this and the fact a installer executes that because it simply exists shows a *general flaw* in that installer
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Stefan Kanthak (May 20)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Tavis Ormandy (May 20)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Project Un1c0rn (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Tavis Ormandy (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Project Un1c0rn (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe coderaptor (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Tavis Ormandy (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Reindl Harald (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Michal Zalewski (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Stefan Kanthak (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Reindl Harald (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Michal Zalewski (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Mario Vilas (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Project Un1c0rn (May 21)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe Tavis Ormandy (May 20)
- Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe coderaptor (May 22)