[19739] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Kama Sutra Spoofs Digital Certificates

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed Jan 25 22:09:08 2006

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, lynn@garlic.com
In-Reply-To: <43D70435.9020805@garlic.com>
Date: Thu, 26 Jan 2006 12:34:33 +1300

Anne & Lynn Wheeler <lynn@garlic.com> writes:

>The Kama Sutra worm can fool WIndows into accepting a malicious ActiveX control 
>by spoofing a digital signature, a security company said Tuesday.

If you track down the original Fortinet advisory you'll see that the Information-
Week text is slightly misleading, all it does is set the "this control is all 
right" flags in the registry to make Windows think it's passed a signature check
at some point in the past.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[19739] in cryptography@c2.net mail archive

Re: Kama Sutra Spoofs Digital Certificates

daemon@ATHENA.MIT.EDU (Peter Gutmann)Wed Jan 25 22:09:08 2006

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed Jan 25 22:09:08 2006