[Full-disclosure] More information on ZERT patch for ANI 0day
Gadi Evron
ge at linuxbox.org
Mon Apr 2 20:11:08 BST 2007
On Mon, 2 Apr 2007, James (njan) Eaton-Lee wrote:
> Gadi,
>
> Gadi Evron wrote:
>
> > For a real current attack.
>
> Understandably. This is the attack which this thread is about, as
> indicated in the subject line of the e-mail.
>
> To recap, you used the phrase "flawed copy routine." to refer to the
> fact that you could carry out an attack using this particular attack
> method by writing to "typically C:\WINDOWS\ or C:\WINNT\". Again, to
> recap, my point was:
>
> "an attacker with write access to %systemroot%
> probably has juicier, simpler targets to attack (which potentially let
> them run code in a higher security context) than animated cursors."
>
> Do you have any reply to make to what I actually *said*?
Not really, maybe othrs do.
>
> - James.
>
> --
> James (njan) Eaton-Lee | UIN: 10807960 | http://www.jeremiad.org
>
> "All at sea again / And now my hurricanes
> Have brought down this ocean rain / To bathe me again"
>
> https://www.bsrf.org.uk | ca: https://www.cacert.org/index.php?id=3
> --
>
Full-Disclosure is hosted and sponsored by Secunia.