RE: [Full-Disclosure] Flaws security feature of SP2
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Flaws security feature of SP2
- From: "Jonathan Rickman" <jonathan@xxxxxxxxxx>
- Date: Mon, 16 Aug 2004 11:20:10 -0400
> Exploiting this issue requires the ability to overwrite
> existing files which have a trusted or non-existent ZoneID.
> Right now there is no known way to achieve this in an attack
> mounted from the Internet.
Ok. So if I have the ability to do that, isn't it safe to say that I already
control the box?
> Vendor status
> -------------
> heise Security has notified Microsoft about both issues on
> August 12. Microsoft Security Response Center
> responded:
>
> "We have investigated your report, as we do with all reports,
> however in this case, we don't see these issues as being in
> conflict with the design goals of the new protections. We are
> always seeking improvements to our security protections and
> this discussion will certainly provide additional input into
> future security features and improvements, but at this time
> we do not see these as issues that we would develop patches
> or workarounds to address."
I'm inclined to agree with them. I see the potential for problems as you
have pointed out, but I guess I need a little help in understanding how this
could ever be more than a theoretical vulnerability. Could you perhaps
elaborate and maybe toss in a hypothetical situation or two to help me see
what you're driving at?
--
Jonathan