Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation)
From: "Eric Paynter" <eric () arcticbears com>
Date: Fri, 9 Jul 2004 09:26:23 -0700 (PDT)

On Fri, July 9, 2004 7:43 am, http-equiv () excite com said:
There are lots of little .tmp files generated and accessible
remotely to be had, Adobe *.pdf's and  a vast array of Microsoft
Office 2003 crud to name just two. Many others which have been
identified and discussed in the past as well.

I think:

mount /dev/xxxx /tmp -o noexec

would reduce the risk significantly. Can you do something equivalent in
Windows?

-Eric

--
arctic bears - affordable custom email and name services
http://www.arcticbears.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]