Vulnerability Development mailing list archives
Re: Outlook HTML VBS (demo)
From: mrousseau () SECURED ORG (Masial)
Date: Mon, 22 May 2000 12:39:18 -0400
This is a problem with my S/MIME signature. I was testing some stuff about it but that eMail wasnt supposed to go out signed... this is a totally seperate issue but interesting nontheless. On the other hand... the signature should be valid, maybe there is an issue with signing content that is 'dynamic' ? BB also asks what could you possibly do with this kind of thing. There is quite alot of possibilities, you could try and exploit a vulnerable activeX on the system, or have it re-install an old vulnerable version and then exploit it. This is all pretty much speculations but i recall that Microsoft signed software can be silently installed on computers (thanks MS!). This can be used in conjunction with the lastest activex objects vulnerabilities (remember my BubbleBoy interest?). My guess is, given a couple of coding hours, one could craft a virus smart enough to install itself deep into the system via a couple of tricks that could be harmless when not used together. I'm not too hot about doing one at the moment given the recent ILY and NLove issues, the (clueless?) FBI might just come at me too, heh. It would be prudent to take mesures if the message box did pop on your system. M. Secured Industries Why fear the unknown? 22E2 812A 50AA DC3B 107D 60E2 9998 959E 10E3 6031
-----Original Message----- From: Michael Hendy Sent: Sunday, May 21, 2000 9:14 PM Subject: Re: Outlook HTML VBS (demo) Masial, I don't know what it was that you sent because, when I tried to open up your email I got the following, never before seen Outlook alert message: "Can't open this item. Your key set can not be found by the underlying security system." Does anyone know what it means.
Current thread:
- TopLayer layer 7 switch Advisory, (continued)
- TopLayer layer 7 switch Advisory User nawk (May 20)
- Re: chsh Segfault on FreeBSD 3.3 Pavol Luptak (May 20)
- Re: possible new "e-mail virus" concept ? + bypassing IE settings Taneli Huuskonen (May 19)
- CAU Technologies, Inc. Security Advisory 2000.05.19.001 : Default Syslog Installations Security Advisory (May 19)
- UPDATE on possible new "e-mail virus" concept ? Zoa_Chien (May 19)
- Re: UPDATE on possible new "e-mail virus" concept ? Jim Paris (May 19)
- Re: UPDATE on possible new "e-mail virus" concept ? Jon Williams (May 20)
- Windows IP Fragment Reassembly Vulnerability Masial (May 20)
- Re: Windows IP Fragment Reassembly Vulnerability Mikael Olsson (May 21)
- Re: Outlook HTML VBS (demo) Michael Hendy (May 21)
- Re: Outlook HTML VBS (demo) Masial (May 22)
- Re: Windows IP Fragment Reassembly Vulnerability Blue Boar (May 21)
- Re: UPDATE on possible new "e-mail virus" concept ? Jim Paris (May 19)
- krb5 1.1.1 Mariusz Woloszyn (May 22)
- Re: Windows IP Fragment Reassembly Vulnerability Pete Philips (May 23)
- Re: UPDATE on possible new "e-mail virus" concept ? Bluefish (May 20)
- Re: possible new "e-mail virus" concept ? + bypassing IE settings Silvio L. Nisgoski (May 19)
- Anyone have a copy of the New LoveYou code! Rich Dube (May 19)