Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: GUNINSKI THE SELF-PROMOTER

From: Valdis.Kletnieks () vt edu
Date: Tue, 15 Jul 2003 10:26:32 -0400
On Tue, 15 Jul 2003 08:02:56 EDT, "Richard M. Smith" <rms () computerbytesman com>  said:

Ah yes, the Good Time virus.  What a silly idea that a virus can execute
simply by reading an email message.  Everyone knows that's
impossible........


Actually, that's *STILL* impossible.  As far as I am aware of, every single
"attack when you open the message" virus/worm is dependent on the fact that
certain mail programs confuse the concept of "reading the message text" and
"executing/interpreting code provided by an attacker". (OK - there's a mostly
theoretical attack overflowing a buffer or something in a 'more/less' type
program, and admittedly there's some borderline cases like the MIME header
overflow documented in CERT CA-1998-10).

Hint - think about why you need different security zones to defend you against
plain non-active text.  Those zones are only there because there's *ACTIVE*
content involved.

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: