[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] re jpeg vuln
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: [Full-Disclosure] re jpeg vuln
- From: "mike gringo" <mikieboy@xxxxxxxxxxxxxx>
- Date: Thu, 16 Sep 2004 22:30:35 +0000
have previously posted to list under real name of michael simpson so excuse the
diff address but maybe shouldn't do this thru work
I remember when Cass first told me about the netscape_crash jpeg odd behaviour
with windows xp and as i run some xp boxen for the family i had a wee peek
interesting behaviour that i noted was
when it was sitting on a network folder, any attempt to axs folder by a -at
that time unpatched- box it would lead to the usual explorer crash without the
necessary user intervention of the click
i presume this is due to xp's sneaky peaky cachety looksie that it does with
network folders.
use for this
if one was to astonishingly find oneself in a surprisingly hostile relationship
with the IT dept, say, at my place of work
and you knew that they were rummaging through the network thru your files, and
that they were running a "vuln" os and that they weren't very sophisticated
then you could liberally sprinkle both examples of the jpeg bug (strength in
depth) throughout the fs especially in the usual places, stuff etc
nothing there to see, not wanting to "piss on my chips" as they do pay the
mortgage and i'm pretty certain that they don't read my FD folder
just a thought
mike
--
_______________________________________________
Get your free email from http://www.hackermail.com
Powered by Outblaze
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html