Bugtraq mailing list archives
RE: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)
From: "Drew Copley" <dcopley () eeye com>
Date: Fri, 20 Feb 2004 14:58:07 -0800
-----Original Message----- From: http-equiv () excite com [mailto:1 () malware com] Sent: Friday, February 20, 2004 1:37 PM To: bugtraq () securityfocus com Subject: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) <!--Being able to store arbitrary content in a predictable file location is a vulnerability category of its ownAn interesting category, for sure. I think this point deserves discussion. Is the use of predictable file locations really a vulnerability? --> If it isn't it should be. I'll give you four that have been put on the back-burner for later realization (make a note that this will be fair warning to the vendor):
If the predictable path involves server or client access, then it is definitely a security bug. It may be moderate or low risk depending on the potentiality of abuse and perhaps other factors. But, as a security bug it should be higher risk then high risk, non-security issues. With Internet Explorer or Outlook or Winamp and so on... These kinds of client applications have shown that these issues tend more towards being moderate security issues of the "configuration error" type. Anyway, not to be dogmatic, but I do believe this is reasonable. If Microsoft is not fixing these issues because they do not consider them security issues nor even bugs then they are obviously negligent and grossly so. <snip>
The vendor in all cases, just cannot be bothered to fix any of these things. Simply does not care. It seems that the new mantra is "none of our customer's are affected by it" so let's not fix it. WATCH OUT ! All these will culminate in yet another STENCH ! exploit sooner or later. That is a true predicatable path. End Call -- http://www.malware.com
Current thread:
- is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Stuart Moore (Feb 20)
- <Possible follow-ups>
- RE: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley (Feb 20)
- Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) http-equiv () excite com (Feb 20)
- RE: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) Drew Copley (Feb 20)