Bugtraq: Re[2]: [funsec] WMF round-up, updates and de-mystification

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re[2]: [funsec] WMF round-up, updates and de-mystification

From: Pierre Vandevenne <pierre () datarescue com>
Date: Tue, 3 Jan 2006 14:42:06 +0100

Good Day,

Tuesday, January 3, 2006, 12:59:22 PM, you wrote:

GE>> The "patch" by Ilfak Guilfanov works, but by disabling a DLL in Windows.
PV>> I wouldn't say it does that. If you really want to simplify it in the
LS> extreme, it hides the vulnerable function.  

LS> Think of it as a "White Hat Rootkit"

Or merely a TSR hooking an interrupt vector. It doesn't hide itself.
It doesn't allow any kind of remote access to anything.

I can't see how it could even be remotely described as a rootkit.


-- 
Best regards,
 Pierre                            mailto:pierre () datarescue com

By Date By Thread

Current thread:

Re: [Full-disclosure] WMF round-up, updates and de-mystification, (continued)
- Re: [Full-disclosure] WMF round-up, updates and de-mystification InfoSecBOFH (Jan 03)
  - RE: [Full-disclosure] WMF round-up, updates and de-mystification Larry Seltzer (Jan 03)
- Re: [funsec] WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 03)
  - Re: WMF round-up, updates and de-mystification Gadi Evron (Jan 03)
  - RE: [funsec] WMF round-up, updates and de-mystification Larry Seltzer (Jan 03)
    - Re[2]: [funsec] WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 04)
- Re: WMF round-up, updates and de-mystification Adam Shostack (Jan 04)
- RE: WMF round-up, updates and de-mystification Krpata, Tyler (Jan 04)