1995-09-23 - Re: Another Netscape Bug (and possible security hole)

Header Data

From: Aleph One <aleph1@dfw.net>
To: dmandl@panix.com
Message Hash: a1fa267f88a1ffd1b7d1f1ecf34638274d696824c450bf3a2ae26df396eeb05e
Message ID: <Pine.SUN.3.90.950922194817.11370A-100000@dfw.net>
Reply To: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
UTC Datetime: 1995-09-23 00:53:21 UTC
Raw Date: Fri, 22 Sep 95 17:53:21 PDT

Raw message

From: Aleph One <aleph1@dfw.net>
Date: Fri, 22 Sep 95 17:53:21 PDT
To: dmandl@panix.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
Message-ID: <Pine.SUN.3.90.950922194817.11370A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Actually it allows you to imbed data and commands to run. What the latest
MSWord virus did is imbed a virus dropper encoded in the word document
and then run it trough the dos debug command to make it a binary file
(if you ever read the 40HEX virus magazine you should know how this works).
From there it just run the dropper.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Fri, 22 Sep 1995 dmandl@panix.com wrote:

> Is that the new MS-Word you're thinking of?  I hear that it lets you
> imbed macros containing executable code in documents.  That's got to
> be one of the most dangerous ideas ever cooked up.
> 
>    --Dave.
> 
> --
> Dave Mandl
> dmandl@panix.com
> http://wfmu.org/~davem
> 





Thread