|
Full Disclosure
mailing list archives
Re: DLL hijacking with Autorun on a USB drive
From: Christian Sciberras <uuf6429 () gmail com>
Date: Wed, 1 Sep 2010 00:57:42 +0200
From a user perspective, why can't someone run Solitaire.exe off a
USB? (as a plain example)
Consider exploits, such as BOFs caused by bad file formats, how do you
know which is secure or not?
The main difference between a BOF and this issue is that it is a
software fault, whereas the hijack "issue" is nothing less than an
impractical nitpick.
On Wed, Sep 1, 2010 at 12:34 AM, <paul.szabo () sydney edu au> wrote:
Christian Sciberras <uuf6429 () gmail com> wrote:
Why do you say harmless? Because you know a text file can't do
anything at all.
Exactly. The victim is attempting to view a plain text file. Surely
that can be done safely?
Cheers, Paul
Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
