Bugtraq mailing list archives
More bad censorware
From: jpp () CLOUDVIEW COM (John Pettitt)
Date: Fri, 21 Jul 2000 22:26:40 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Given the recent article on slashdot about COPA and BAIR I thought I'd do a quick review of this software from a security perspective. I expected that I would take a couple of hours and break the password system or some similar weakness. In fact I managed to disable it entirely in less than 60 seconds! The BAIR program runs at system startup and prevents access to the IE Internet options menu and also prevents regedit from being run. However it does not lock down the registry - so a simple program (I used Reg Run II) can remove the registry key that starts BAIR (it's "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\BAIR Secure" for those who care). Remove the key, reboot, reset the proxy setting and presto full access. Sigh. John Pettitt <jpp () cloudview com> AOL-IM: CanisRosa SigInt bait ;-) A big hello to the folks at Fort Meade, Menwith Hill and Pine Gap. Keywords: NSA, Echelon, GCHQ, F83, Magnum, Mentor, P415, STEEPLEBUSH -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 Comment: Get my keys from the pgp.com LDAP server iQA/AwUBOXkwkKdEVMR4hjZYEQIFaACgjl6shlmX+i7njygDvGxVQyyh1ycAoMfk OXq77kib+hrkCMRebY0QEjMB =FHBz -----END PGP SIGNATURE-----
Current thread:
- Re: StackGuard with ... Re: [Paper] Format bugs., (continued)
- Re: StackGuard with ... Re: [Paper] Format bugs. Alan DeKok (Jul 22)
- Re: StackGuard with ... Re: [Paper] Format bugs. Keith Owens (Jul 24)
- Re: StackGuard with ... Re: [Paper] Format bugs. Greg A. Woods (Jul 24)
- Re: StackGuard with ... Re: [Paper] Format bugs. Gerardo Richarte (Jul 24)
- Re: StackGuard with ... Re: [Paper] Format bugs. Greg A. Woods (Jul 25)
- Re: StackGuard with ... Re: [Paper] Format bugs. Theo de Raadt (Jul 24)
- Chasing bugs / vulnerabilties Michael S Hines (Jul 24)
- Re: Chasing bugs / vulnerabilties Kurt Seifried (Jul 25)
- Re: StackGuard with ... Re: [Paper] Format bugs. Pascal Bouchareine (Jul 21)
- Re: StackGuard with ... Re: [Paper] Format Ronald Huizer [Crew] (Jul 24)
- More bad censorware John Pettitt (Jul 21)
- Re: StackGuard with ... Re: [Paper] Format bugs. Gerardo Richarte (Jul 24)
- Trustix Security Advisory - nfs-utils Oystein Viggen (Jul 18)
- Re: [RHSA-2000:043-02] Updated package for nfs-utils available Andrea Costantino (Jul 18)
- Re: [RHSA-2000:043-02] Updated package for nfs-utils available Matt Wilson (Jul 18)
- Update on TooRcon Computer Security Expo Ben (Jul 18)
- "Best Practices for Secure Web Development" whitepaper Razvan Peteanu (Jul 18)