funsec mailing list archives
RE: Is The .WMF Exploit A ConsPiracy Gone Bad?
From: Larry/Spamhaus <lr () spamhaus org>
Date: Sat, 14 Jan 2006 00:11:43 +0000
At 10:14 AM 1/13/06 -0600, Todd Towles wrote:
> The Pod Cast was by Steve Gibson and can be heard here: > > http://media.grc.com/sn/SN-022-lq.mp3 > > Curious, if after you listen to how explicit this works, how > you will feel then? Well is Steve Gibson an employee of Microsoft? As far as my simple google search..no, but that is kinda beside the point. I haven't listen to the MP3 but it would seem that if Gibson stated what you said, then he was misformed, like many people were during that time. WSJ posted a message about the new "Metasploit" virus. They confused the new metasploit attack module and its use in a virus...while the metasploit itself is a tool and a pretty good one. My point is that misinformation was pretty big on the WMF event and it isn't suprising that some people still have it wrong. Of course, I know what I know from what I read...not sure where some of these people are reading.. ;)
Well, with all this chat I had to take a listen. If Gibson's correct in just the basic facts, this is exactly how I'd toss a back-door into something. Little used file-type vector, remotely triggerable, plenty of "checks" to make sure only my properly crafted stream would invoke the code execution. Then again, it's also the way I'd put in debug hooks I'd try remember to remove before ship date.
It'll just take one lawyer to smell blood and this'll be sorted out. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Is The .WMF Exploit A ConsPiracy Gone Bad?, (continued)
- Re: Is The .WMF Exploit A ConsPiracy Gone Bad? Dude VanWinkle (Jan 15)
- Re: Is The .WMF Exploit A ConsPiracy Gone Bad? Valdis . Kletnieks (Jan 15)
- RE: Is The .WMF Exploit A ConsPiracy Gone Bad? Barrie Dempster (Jan 13)
- RE: Is The .WMF Exploit A ConsPiracy Gone Bad? Todd Towles (Jan 13)
- RE: Is The .WMF Exploit A ConsPiracy Gone Bad? Larry Seltzer (Jan 13)
- Re: Is The .WMF Exploit A ConsPiracy Gone Bad? Fergie (Jan 13)
- RE: Is The .WMF Exploit A ConsPiracy Gone Bad? Todd Towles (Jan 13)
- Re: Is The .WMF Exploit A ConsPiracy Gone Bad? Fergie (Jan 13)
- RE: Is The .WMF Exploit A ConsPiracy Gone Bad? Todd Towles (Jan 13)
- Re: Is The .WMF Exploit A ConsPiracy Gone Bad? Gadi Evron (Jan 13)
- RE: Is The .WMF Exploit A ConsPiracy Gone Bad? Larry/Spamhaus (Jan 13)
- Re: Is The .WMF Exploit A ConsPiracy Gone Bad? Don Kennedy (Jan 14)