[Esd-l] What file-endings should be stopped for this ?
Bjarni R. Einarsson
bre at klaki.net
Thu Feb 28 21:29:01 PST 2002
On 2002-02-27, 06:42:22 (-0800), John D. Hardin wrote:
>
> Sigh. I wonder how long it will be before Msoft figures a way to embed
> auto-executable scripting into .TXT files? "Bugtraq: remotely
Um. Serious work has been done in that direction, with promising
results. I'm not kidding:
http://lists.insecure.org/vuln-dev/2001/Nov/0016.html
Executive summary: "Type a text file in the NT console and your
machine will reboot due to kernel memory corruption."
My theory: if you can overwrite kernel-space memory bad enough to
reboot the machine, then the creative hacker can probably do
something even more interesting.
To me, this bug speaks volumes about the quality of Microsoft's
code. To be fair, this bug probably isn't directly exploitable via.
email, and this message is therefore a little bit off-topic.
But I thought you might find it humorous. :-)
--
Bjarni R. Einarsson PGP: 02764305, B7A3AB89
bre at klaki.net -><- http://bre.klaki.net/
Check out my open-source email sanitizer: http://mailtools.anomy.net/
Spammers, please send plenty of email to: agoat at klaki.net
More information about the esd-l
mailing list