|
Bugtraq
mailing list archives
More bad censorware
From: jpp () CLOUDVIEW COM (John Pettitt)
Date: Fri, 21 Jul 2000 22:26:40 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Given the recent article on slashdot about COPA and BAIR
I thought I'd do a quick review of this software from a security
perspective. I expected that I would take a couple of hours and break the
password system or some similar weakness.
In fact I managed to disable it entirely in less than 60 seconds!
The BAIR program runs at system startup and prevents access to the IE
Internet options menu and also prevents regedit from being run. However it
does not lock down the registry - so a simple program (I used Reg Run II)
can remove the registry key that starts BAIR (it's
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\BAIR
Secure" for those who care).
Remove the key, reboot, reset the proxy setting and presto full access.
Sigh.
John Pettitt <jpp () cloudview com> AOL-IM: CanisRosa
SigInt bait ;-)
A big hello to the folks at Fort Meade, Menwith Hill and Pine Gap.
Keywords: NSA, Echelon, GCHQ, F83, Magnum, Mentor, P415, STEEPLEBUSH
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
Comment: Get my keys from the pgp.com LDAP server
iQA/AwUBOXkwkKdEVMR4hjZYEQIFaACgjl6shlmX+i7njygDvGxVQyyh1ycAoMfk
OXq77kib+hrkCMRebY0QEjMB
=FHBz
-----END PGP SIGNATURE-----
 By Date 
By Thread
Current thread:
S21SEC-003: Vulnerabilities in CommuniGate Pro v3.2.4 Lluis Mora (Jul 17)
[COVERT-2000-07] LISTSERV Web Archive Remote Overflow COVERT Labs (Jul 17)
[RHSA-2000:043-02] Updated package for nfs-utils available bugzilla () REDHAT COM (Jul 17)
|
Intro
