[16847] in bugtraq
Re: Double clicking on MS Office documents from Windows Explorer
daemon@ATHENA.MIT.EDU (Philip Stoev)
Wed Sep 20 13:37:46 2000
Message-Id: <001e01c022dc$9d28f330$0100a8c0@ntserver1>
Date: Wed, 20 Sep 2000 11:27:27 +0300
Reply-To: Philip Stoev <philip@EINET.BG>
From: Philip Stoev <philip@EINET.BG>
To: BUGTRAQ@SECURITYFOCUS.COM

----- Original Message -----
From: "Francis Favorini" <francis.favorini@DUKE.EDU>

> Of course the above does not protect against a user being tricked into
> opening a document from a share under the attacker's control somewhere out
> on the Internet. "Standard firewall practices" blocking incoming and
> outgoing NBT/CIFS/SMB should take care of that. ;-)

Hey, what about Web Folders? AFAIK, those go through vanilla HTTP and it is
not easy to block them all. Imagine the attacker presents himself as a
free-web-folder-space provider. The user mounts the remote web folder on his
system and you may get the same scenario as with an ordinary SMB share.
Anyone able to test?

> I always set up Temp directories to not allow Executing files

Again, this breaks Microsoft Setups, as well as other installs out there.

Philip