Vulnerability Development mailing list archives
Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs
From: mrousseau () LABCAL COM (Maxime Rousseau)
Date: Fri, 12 May 2000 12:21:50 -0400
This argument makes no sense at all, if your scripting hosts are trojanted i think you have problems FAR more serious then having your .vbs always authenticates. Its pointless to assume protection where your trusted base is no longer trustable. Masial ! -----Original Message----- ! From: Daniel S. Otis-Vigil ! Sent: Friday, May 12, 2000 12:19 AM ! Subject: Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs ! ! What's to stop a trojaner from just replacing wscript.exe and or cscript.exe ! with their own copy that always authenticates?
Current thread:
- xsoldier mandrake exploit. egid=games with the right shellcode, (continued)
- xsoldier mandrake exploit. egid=games with the right shellcode Larry C$ (May 15)
- Re: QPOP2.5* exploit ?? rpc (May 14)
- Fwd: [Newssubmission: Security vulnerability in the ICS HTTPServer component] TLsecurity.net (May 14)
- Re: regarding phrack49's stack smashing tutorial Pavel Kankovsky (May 14)
- Re: regarding phrack49's stack smashing tutorial Darshan Patil (May 14)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Richard Rager (May 13)
- is: tcp/ip vuln, not?... was: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 13)
- Re: is: tcp/ip vuln, not?... was: WSCRIPT.EXE ,CSCRIPT.EXE replacement for *.vbs Crispin Cowan (May 15)
- Re: is: tcp/ip vuln, not?... was: WSCRIPT.EXE ,CSCRIPT.EXE replacement for *.vbs Jason Legate (May 17)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 13)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Maxime Rousseau (May 12)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Richard Rager (May 13)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Daniel P. Zepeda (May 14)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 16)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Istvan Takacs (May 15)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 16)