[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Trojan Horse for Mac OS X

To: "'Joshua Levitsky'" <jlevitsk@xxxxxxxxxx>, "'Thomas Vincent'" <thomasv@xxxxxxx>
Subject: RE: [Full-Disclosure] Trojan Horse for Mac OS X
From: "Larry Seltzer" <larry@xxxxxxxxxxxxxxxx>
Date: Fri, 9 Apr 2004 18:53:09 -0400

>> This technique wouldn't work now because Mail.app, and probably all 
>> modern mail client. Will not let you execute code from within the mail 
>> client. 

>Completely untrue. Mail.app will ask you if you want to open the app just like 
>Outlook
Express on Windows does.

Actually, Outlook Express and Outlook will (by default) strip all executable 
attachments
before you even get them. They've done this for some time.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@xxxxxxxxxxxxx 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Trojan Horse for Mac OS X
  - From: Mary Landesman

References:
- Re: [Full-Disclosure] Trojan Horse for Mac OS X
  - From: Joshua Levitsky

Prev by Date: [Full-Disclosure] Re: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...)
Next by Date: Re: [Full-Disclosure] Trojan Horse for Mac OS X
Previous by thread: RE: [Full-Disclosure] Trojan Horse for Mac OS X
Next by thread: Re: [Full-Disclosure] Trojan Horse for Mac OS X
Index(es):
- Date
- Thread