1995-09-23 - Re: Another Netscape Bug (and possible security hole)

Header Data

From: Ray Cromwell <rjc@clark.net>
To: aleph1@dfw.net (Aleph One)
Message Hash: 8ffbd50663b6afae4498da3f9db4b246c324083400d389668208d9fee43e77d9
Message ID: <199509230513.BAA23938@clark.net>
Reply To: <Pine.SUN.3.90.950922194817.11370A-100000@dfw.net>
UTC Datetime: 1995-09-23 05:16:31 UTC
Raw Date: Fri, 22 Sep 95 22:16:31 PDT

Raw message

From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 22:16:31 PDT
To: aleph1@dfw.net (Aleph One)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <Pine.SUN.3.90.950922194817.11370A-100000@dfw.net>
Message-ID: <199509230513.BAA23938@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Actually it allows you to imbed data and commands to run. What the latest
> MSWord virus did is imbed a virus dropper encoded in the word document
> and then run it trough the dos debug command to make it a binary file
> (if you ever read the 40HEX virus magazine you should know how this works).
> From there it just run the dropper.

  You could make a worm out of this Netscape bug by having it look
for a user's homepage when it infects, and then inserting the
URL into that page.






Thread