Full Disclosure mailing list archives
RE: Unsecure file permission of ZoneAlarm pro.
From: "Todd Towles" <toddtowles () brookshires com>
Date: Mon, 23 Aug 2004 09:31:43 -0500
No one was ever do that? That is up there on the possible scale with a encrypted zip file that is mailed to a user and asked them to input the word, open the zip and run the file. That would never happen....wait.. =) -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Ron DuFresne Sent: Friday, August 20, 2004 3:10 PM To: Matthew Farrenkopf Cc: Todd Towles; full-disclosure () lists netsys com; jlacour () zonelabs com; security () zonelabs com Subject: RE: [Full-disclosure] Unsecure file permission of ZoneAlarm pro. yet, if I read this properly it wasnpt simply and open e-mail attachment issue was it, it was open attachment then make suggested changes to the system issue wasn't it? If I understood the problem, then it really requres more then a simple luser, it requires the most stupid of lusers for it to take. and in that case, we're perhaps better off with them DOS'ed? <smile> thanks, Ron DuFresne
However, this would still make it prime for a DoS attack by the next strain of e-mail virus. And most users who are not knowledgeable (those who would be opening the attachment in the first place) would probably not understand why they, now, cannot connect to the Internet. Matt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load), (continued)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) Barrie Dempster (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 23)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 22)
- Re: Unsecure file permission of ZoneAlarm pro. (ZA will fail to load) bipin gautam (Aug 22)
- RE: Unsecure file permission of ZoneAlarm pro. Todd Towles (Aug 20)
- Re: Unsecure file permission of ZoneAlarm pro. Barry Fitzgerald (Aug 20)
- RE: Unsecure file permission of ZoneAlarm pro. Todd Towles (Aug 20)
- RE: Unsecure file permission of ZoneAlarm pro. Matthew Farrenkopf (Aug 20)
- RE: Unsecure file permission of ZoneAlarm pro. Ron DuFresne (Aug 20)
- RE: Unsecure file permission of ZoneAlarm pro. Matthew Farrenkopf (Aug 20)
- RE: Unsecure file permission of ZoneAlarm pro. Todd Towles (Aug 23)