Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: DJB's students release 44 *nix software vulnerability advisories
From: "milw0rm Inc." <milw0rm () gmail com>
Date: Tue, 21 Dec 2004 14:34:20 -0600

/* 
Two points.
Regarding local versus remote, look at it this way:  You have a 100%
secure system.  Then you install NASM.  Now a user FROM THE NETWORK can
send you some tainted assembly code for you to assemble and he can
compromise your account.
*/ 

quote "for you to assemble"

Its a user error.  Your not remotely exploiting anything but the trust
from the user.

//str0ke


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]