[Esd-l] What file-endings should be stopped for this ?

Bjarni R. Einarsson bre at klaki.net
Thu Feb 28 21:29:01 PST 2002


On 2002-02-27, 06:42:22 (-0800), John D. Hardin wrote:
> 
> Sigh. I wonder how long it will be before Msoft figures a way to embed
> auto-executable scripting into .TXT files? "Bugtraq: remotely

Um.  Serious work has been done in that direction, with promising
results.  I'm not kidding:

  http://lists.insecure.org/vuln-dev/2001/Nov/0016.html

Executive summary: "Type a text file in the NT console and your
machine will reboot due to kernel memory corruption."

My theory: if you can overwrite kernel-space memory bad enough to
reboot the machine, then the creative hacker can probably do
something even more interesting.

To me, this bug speaks volumes about the quality of Microsoft's
code.  To be fair, this bug probably isn't directly exploitable via.
email, and this message is therefore a little bit off-topic.

But I thought you might find it humorous. :-)

-- 
Bjarni R. Einarsson                           PGP: 02764305, B7A3AB89
 bre at klaki.net                -><-              http://bre.klaki.net/

Check out my open-source email sanitizer: http://mailtools.anomy.net/
Spammers, please send plenty of email to: agoat at klaki.net



More information about the esd-l mailing list