[33542] in bugtraq

Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer

daemon@ATHENA.MIT.EDU (Seth Arnold)
Mon Feb 9 16:13:03 2004

Date: Mon, 9 Feb 2004 11:20:29 -0800
From: Seth Arnold <sarnold@wirex.com>
To: bugtraq@securityfocus.com
Message-ID: <20040209192029.GC17237@wirex.com>
Mail-Followup-To: bugtraq@securityfocus.com
In-Reply-To: <DHELIJMHOLKLHKFHGGGLEECLCAAA.disclosure@ossecurity.ca>

On Mon, Feb 09, 2004 at 01:24:04PM -0500, Disclosure From OSSI wrote:
> But this mechanism can only protect a limited segment of WINDOWS users
> against this "DLL proxy" attack. For example, XP Home Edition
> (SP1) is installed by default with administrator privileges for
> accounts and therefore ACL for program folders are wide open to be
> modified.  Many Windows platforms use an un-secured file system such
> as FAT or FAT32 without ACL protection.

By definition, anyone running any such system has explicitly decided to
trust all the users of the machine to act in accordance with common
shared goals.

You're confusing security mechanism with security policy; if someone's
security policy allows everyone to have administrator status, then this
is NOT a security problem, as you claim. This is legitimate use of
legitimate privileges.

-- 
Immunix Secured Linux Distribution: http://immunix.org/
