Bugtraq mailing list archives

More bad censorware


From: jpp () CLOUDVIEW COM (John Pettitt)
Date: Fri, 21 Jul 2000 22:26:40 -0700


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Given the recent article on Slashdot about COPA and BAIR

I thought I'd do a quick review of this software from a security
perspective.   I expected that I would take a couple of hours and break the
password system or some similar weakness.

In fact I managed to disable it entirely in less than 60 seconds!

The BAIR program runs at system startup and prevents access to the IE
Internet options menu and also prevents regedit from being run.  However it
does not lock down the registry - so a simple program (I used Reg Run II)
can remove the registry key that starts BAIR (it's
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\BAIR
Secure" for those who care).

Remove the key, reboot, reset the proxy setting and presto full access.

Sigh.

John Pettitt <jpp () cloudview com>  AOL-IM: CanisRosa

SigInt bait ;-)
    A big hello to the folks at Fort Meade, Menwith Hill and Pine Gap.
    Keywords: NSA, Echelon, GCHQ, F83, Magnum, Mentor, P415, STEEPLEBUSH

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
Comment: Get my keys from the pgp.com LDAP server

iQA/AwUBOXkwkKdEVMR4hjZYEQIFaACgjl6shlmX+i7njygDvGxVQyyh1ycAoMfk
OXq77kib+hrkCMRebY0QEjMB
=FHBz
-----END PGP SIGNATURE-----
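
The weakness described in the message above is that the filter depends on a single autostart value under a registry key that is not locked down. The following PowerShell audit is an added example, not part of the original post or of the BAIR product. It assumes an NT-based Windows system with PowerShell, takes the key path and value name from the message, and uses an assumed list of well-known administrative SIDs as the expected writers:

```powershell
# Added example: read-only audit of the autostart entry named in the message.
$runKey    = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
$valueName = 'BAIR Secure'   # value name quoted in the message

# 1. Is the autostart value still present?
$entry = Get-ItemProperty -Path $runKey -Name $valueName -ErrorAction SilentlyContinue
if ($null -eq $entry) {
    Write-Warning "Run value '$valueName' is missing: the filter will not start at next boot."
} else {
    Write-Output "Run value '$valueName' present: $($entry.$valueName)"
}

# 2. Who may change or delete values under the Run key?
$writeMask = [System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'

# Principals expected to hold write access (assumption: well-known SIDs only).
$expected = @(
    'S-1-5-18',       # LocalSystem
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-3-0',        # CREATOR OWNER
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

$acl   = Get-Acl -Path $runKey
# Ask for SIDs rather than account names so the comparison is locale-independent.
$rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

$risky = foreach ($rule in $rules) {
    $canWrite = (([int]$rule.RegistryRights) -band ([int]$writeMask)) -ne 0
    if ($rule.AccessControlType -eq 'Allow' -and $canWrite -and
        $expected -notcontains $rule.IdentityReference.Value) {
        [pscustomobject]@{
            Sid    = $rule.IdentityReference.Value
            Rights = $rule.RegistryRights
        }
    }
}

if ($risky) {
    Write-Warning 'Principals outside the expected list can modify the Run key:'
    $risky | Format-Table -AutoSize
} else {
    Write-Output 'Only the expected administrative principals can modify the Run key.'
}
```

A clean result only means standard users cannot write the key; any account with local administrator rights can still change it, so a control that relies on this entry also needs users to run without those rights.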