Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
From: Philip Stoev <philip () EINET BG>
Date: Wed, 20 Sep 2000 11:27:27 +0300

----- Original Message -----
From: "Francis Favorini" <francis.favorini () DUKE EDU>

Of course the above does not protect against a user being tricked into
opening a document from a share under the attacker's control somewhere out
on the Internet.  "Standard firewall practices" blocking incoming and
outgoing NBT/CIFS/SMB should take care of that. ;-)

Hey, what about Web Folders? AFAIK, those go through vanilla HTTP and it is
not easy to block them all. Imagine the attacker presents himself as a
free-web-folder-space provider. The user mounts the remote web folder on his
system and you may get the same scenario as with an ordinary SMB share.
Anyone able to test?

 I always set up Temp directories to not allow Executing files

Again, this breaks Microsoft Setups, as well as other installs out there.

Philip


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]