Vulnerability Development mailing list archives
Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs
From: kb8rln () PENGUINMASTER COM (Richard Rager)
Date: Sat, 13 May 2000 11:55:00 -0600
On Fri, 12 May 2000, Maxime Rousseau wrote:
This argument makes no sense at all, if your scripting hosts are trojanted i think you have problems FAR more serious then having your .vbs always authenticates. Its pointless to assume protection where your trusted base is no longer trustable.
First I am depending of a good IT staff. (I know this is alot to ask for). The programs that can run will be the ones with a their key on the on the PKI server. If some one email a script or doc to you it will not run. This will include all OLE stuff too. I am not sure how the scripting hosts are going to get trojanted. You should have a PKI server just for internal users that can not get to the internet. Michael E. Harmer wrote the best discussion yet. Please read my responds. Enjoy, Richard
Current thread:
- Re: QPOP2.5* exploit ??, (continued)
- Re: QPOP2.5* exploit ?? rpc (May 14)
- Fwd: [Newssubmission: Security vulnerability in the ICS HTTPServer component] TLsecurity.net (May 14)
- Re: regarding phrack49's stack smashing tutorial Pavel Kankovsky (May 14)
- Re: regarding phrack49's stack smashing tutorial Darshan Patil (May 14)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Richard Rager (May 13)
- is: tcp/ip vuln, not?... was: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 13)
- Re: is: tcp/ip vuln, not?... was: WSCRIPT.EXE ,CSCRIPT.EXE replacement for *.vbs Crispin Cowan (May 15)
- Re: is: tcp/ip vuln, not?... was: WSCRIPT.EXE ,CSCRIPT.EXE replacement for *.vbs Jason Legate (May 17)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 13)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Maxime Rousseau (May 12)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Richard Rager (May 13)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Daniel P. Zepeda (May 14)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 16)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Istvan Takacs (May 15)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Bluefish (May 16)