Autor: Dariusz (teletext_at_poczta.onet.pl)
Data: Fri 21 Jul 2000 - 23:28:19 MET DST
Juz samo sciaganie poczty e-mail z serwera moze spowodowac ze e-mail
sformatuje twardy dysk .
http://www.cnn.com/2000/TECH/computing/07/21/ms.outlook.bugs.idg/index.html
"You are vulnerable simply by having
Outlook or Outlook Express on your
system," Johansson said. "I can send you an e-mail and
it blows up your
system."
Given the manner in which the vulnerability can be
exploited, crackers don't
have to be worried about users being alerted to an
attack, said Russ
Cooper, the Lindsay, Ontario-based editor of
NTBugTraq, a popular
security bulletin board. "I'm not worried about you
not recognizing the
sender, being suspicious of the subject line or seeing
too many recipients" in
the address line, Cooper said.
The ability of buffer overflows to bring systems down
is nothing new and has
been well understood for more than two decades,
Johanssen said. A buffer
stores data that has been input by a user in a storage
area within a program's
memory for further processing. An overrun occurs when
the length of data
that is sought to be stored exceeds the length of the
available buffer.
Crackers can exploit unchecked buffers to invoke
overflows and to
overwrite the original program code with new
executables. In the present
instance, malicious attackers could exploit a similar
unchecked buffer relating
to Outlook and Outlook Explorer.
"Writing a buffer exploit is not the easiest thing in
the world, but I've seen
plenty of people do it," said Ryan Russell, manager of
information systems at
SecurityFocus.Com, a security portal in San Mateo,
Calif. And once some
working exploits are available, it becomes easy for
other crackers to modify
them for use in launching attacks, Russell added.
For example, code that exploits the Outlook hole
already has begun
circulating. A South American security firm called
USSR has posted a
sample exploit. The firm claims the sample will create
and send an e-mail
message that when downloaded by Outlook will
automatically open the
company's home page without the user doing anything at
all.
The latest vulnerability impacts all users of Outlook
Express and a very wide
swath of Outlook users, Microsoft said. All Outlook
users who use Post
Office Protocol Version 3 (POP3) and Internet Mail
Access Protocol
Version 4 (IMAP4) to access their Internet mail are
affected. Those who
use only the Messaging Application Programming
Interface (MAPI) -- most
commonly seen in companies that use Microsoft Exchange
as their e-mail
server -- aren't impacted, according to Microsoft's
advisory.
Security firm ICSA.Net, an affiliate of Gartner Group
Inc. in Stamford,
Conn., estimates that 50% of corporate Outlook users
and nearly all home
and small office Outlook users are affected by this
vulnerability. That number
collectively exceeds 100 million users, according to
ICSA.Net.
News of the latest vulnerability comes as Microsoft
also is trying to develop
a permanent patch to fix an equally dangerous hole in
Internet Explorer. That
bug lets crackers embed malicious Visual Basic code
into Microsoft's
Access database management software via Internet
Explorer. Microsoft last
week issued a workaround to address the issue.
To archiwum zostało wygenerowane przez hypermail 2.1.7 : Tue 18 May 2004 - 20:23:32 MET DST