Penetration Testing mailing list archives

Re: New article on SecurityFocus


From: Robin <robin () kallisti net nz>
Date: Sat, 7 Jan 2006 14:22:10 +1300

On Saturday 07 January 2006 08:54, Brady McClenon wrote:
> to begin with?!?  Obviously the user interacted with it at some point
> in the past in order to put it there.  The exploit would have occurred
> at that point, not when the file indexer finds it later!

Not necessarily. I don't know if it's still the case, but Eudora used to 
automatically save all attachments to a directory as they were received. 
I'd imagine that would be a nice and handy vector. Also, if Google 
Desktop should index browser caches, and the file was somehow safely 
downloaded by the browser, then it could potentially hit there. There are 
probably many other instances of apps automatically downloading and 
saving files in a 'safe place'.

-- 
Robin <robin () kallisti net nz> JabberID: <eythian () jabber kallisti net nz>

Hostes alienigeni me abduxerunt. Qui annus est?

PGP Key 0xA99CEB6D = 5957 6D23 8B16 EFAB FEF8  7175 14D3 6485 A99C EB6D
