funsec mailing list archives
Desktop search: A new attack vector for malware?
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Wed, 13 Jun 2007 09:04:53 -0400
Hi, Has any company looked into the issue of desktop search programs being an attack vector for malware? I'm wondering if a booby-trapped document file can be placed on a system that will cause a buffer error in a desktop search bot. The buffer overflow can then be used to install and run malware. Such a file can be delivered as an attached file to an email message or downloaded on the sly to a browser cache. Also can a desktop search bot be DoSed by having it index an exploding .ZIP which is modest in size but contains many terrabytes of document files? Richard _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Desktop search: A new attack vector for malware? Richard M. Smith (Jun 13)
- RE: Desktop search: A new attack vector for malware? Larry Seltzer (Jun 13)
- Re: Desktop search: A new attack vector for malware? Jordan Wiens (Jun 13)