Bugtraq mailing list archives
RE: Six Step IE Remote Compromise Cache Attack
From: Benjamin Franz <snowhare () nihongo org>
Date: Wed, 5 Nov 2003 14:49:42 -0800 (PST)
On Wed, 5 Nov 2003, Thor Larholm wrote:
This post raises an interesting question. Is our goal to find new vulnerabilities and attack vectors to help secure users and critical infrastructures, or is our goal to ease exploitation of existing vulnerabilities? There are no new vulnerabilities or techniques highlighted in this attack (which is what it is), just a combination of several already known vulnerabilities. This is not a proof-of-concept designed to highlight how a particular vulnerability works, but an exploit designed specifically to compromise your machine. All a malicious viruswriter has to do is exchange the EXE file. Believe me, I am all in for full disclosure and detailing every aspect of a vulnerability to prevent future occurances of similar threats, but I don't particularly think that we should actively be trying to help malicious persons.
I have mixed emotions about this. On one side - why put millions of systems at risk to script kiddies? On the other side, as noted by the poster, one of these vulnerabilities has been known for more than _TWO YEARS_. Surely far more than enough time for MS to have actually _fixed_ the problem if they intended to. MS seems (at least in some cases) to ignore security problems until someone publically 'holds their feet to the fire' over them. I suspect this happens when the problem 'runs deep' in their code and will require more than fixing a boundary limit check and recompiling. -- Benjamin Franz Gauss's law is always true, but it is not always useful. -- David J. Griffiths, "Introduction to Electrodynamics"
Current thread:
- Six Step IE Remote Compromise Cache Attack Liu Die Yu (Nov 05)
- <Possible follow-ups>
- RE: Six Step IE Remote Compromise Cache Attack Thor Larholm (Nov 05)
- RE: Six Step IE Remote Compromise Cache Attack Steve Hillier (Nov 05)
- RE: Six Step IE Remote Compromise Cache Attack Benjamin Franz (Nov 05)
- RE: Six Step IE Remote Compromise Cache Attack white colin john (Nov 05)
- RE: Six Step IE Remote Compromise Cache Attack Tyler Larson (Nov 06)
- Re: Six Step IE Remote Compromise Cache Attack Florian Weimer (Nov 07)
- Re: Six Step IE Remote Compromise Cache Attack Florian Weimer (Nov 05)
- Re: Six Step IE Remote Compromise Cache Attack Seth Arnold (Nov 05)
- Re: Six Step IE Remote Compromise Cache Attack Jelmer (Nov 06)
- RE: Six Step IE Remote Compromise Cache Attack Thor Larholm (Nov 05)
- RE: Six Step IE Remote Compromise Cache Attack Paul Szabo (Nov 05)
- RE: Six Step IE Remote Compromise Cache Attack Drew Copley (Nov 06)
- Re: Six Step IE Remote Compromise Cache Attack http-equiv () excite com (Nov 06)