Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup

From: Ansgar -59cobalt- Wiechers <bugtraq_at_planetcobalt.net>
Date: Tue, 18 Apr 2006 01:06:22 +0200

On 2006-04-15 Thor (Hammer of God) wrote:
> It's a simple method to bypass malicious host file modification.

Make that "pointless method" and it's correct. To modify the hosts file
(or its location) malware would need administrative privileges. With
admin privileges the malware can do whatever it pleases, including but
not limited to bypassing or replacing the entire DNS resolver.

Regards
Ansgar Wiechers

-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

Received on Apr 18 2006

This message: [ Message body ]
Next message: Florian Weimer: "Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk"
Previous message: jat-public01_at_jaet.org: "Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk"
In reply to: Thor (Hammer of God): "Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup"
Next in thread: Paul Wouters: "Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]