A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows 98 » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

PDF exploits shown in this comparison as exceeding Flash based



 
 
Thread Tools Display Modes
  #61  
Old February 25th 10, 11:08 PM posted to microsoft.public.security.homeusers,microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default PDF exploits shown in this comparison as exceeding Flash based

Top-Poaster Peter Foldes wrote in response to my summary of MEB:

98 Guy

Do yourself a favor and get a life. You are wrong and you are
beating a dead horse. Being foolish does not make you look
good and your little credibility that you had is also going
the way of the wind .


I'm not sure if you're in agreement about what I said about MEB or if
you're trying to defend / support him with the above comment.
  #62  
Old February 25th 10, 11:23 PM posted to microsoft.public.security.homeusers,microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default PDF exploits shown in this comparison as exceeding Flash based

FromTheRafters wrote:

without providing any shread of evidence that those threats
or exploits are operable on win-98 systems.


Considering exploits, it is not reasonable to assume that your
OS is more secure just because an exploit is not operable on
it.


I think you mean payload - not exploit.

If a given piece of exploit code is not operable on a given platform,
then how can that platform be vulnerable to the exploit or any
hypothetical payload / shell-code that might follow? How do you define
vulnerable in that context?

If the vulnerable software falls over, but the OS doesn't
recognise the shellcode, the system is *still* vulnerable
to the exploit.


But there's no consequence if either or both the exploit or the
shellcode does not function properly on a given system.

If the exploit or the shellcode causes the application (or the OS) to
crash, well that's just a nuisance that's not likely going to be
repeated by the user.

I don't really consider DoS's to be a significant or credible threat to
anonymous end-users (what's the point?).

If it is an NT specific malware *payload* you might not be
vulnerable to the payload, but you still are vulnerable to
the exploit.


Until we see a functional example of an operable PDF exploit AND payload
for the Win-98/Acrobat-6 combination then we can't be sure *if* there is
a viable exploit in the first place.
  #63  
Old February 25th 10, 11:23 PM posted to microsoft.public.security.homeusers,microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default PDF exploits shown in this comparison as exceeding Flash based

FromTheRafters wrote:

without providing any shread of evidence that those threats
or exploits are operable on win-98 systems.


Considering exploits, it is not reasonable to assume that your
OS is more secure just because an exploit is not operable on
it.


I think you mean payload - not exploit.

If a given piece of exploit code is not operable on a given platform,
then how can that platform be vulnerable to the exploit or any
hypothetical payload / shell-code that might follow? How do you define
vulnerable in that context?

If the vulnerable software falls over, but the OS doesn't
recognise the shellcode, the system is *still* vulnerable
to the exploit.


But there's no consequence if either or both the exploit or the
shellcode does not function properly on a given system.

If the exploit or the shellcode causes the application (or the OS) to
crash, well that's just a nuisance that's not likely going to be
repeated by the user.

I don't really consider DoS's to be a significant or credible threat to
anonymous end-users (what's the point?).

If it is an NT specific malware *payload* you might not be
vulnerable to the payload, but you still are vulnerable to
the exploit.


Until we see a functional example of an operable PDF exploit AND payload
for the Win-98/Acrobat-6 combination then we can't be sure *if* there is
a viable exploit in the first place.
  #64  
Old February 25th 10, 11:25 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.security.homeusers
98 Guy
External Usenet User
 
Posts: 2,951
Default PDF exploits shown in this comparison as exceeding Flash based

"David H. Lipman" wrote:

-----BEGIN PGP SIGNED MESSAGE-----
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----


Was it necessary to post the PGP key?
  #65  
Old February 25th 10, 11:25 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.security.homeusers
98 Guy
External Usenet User
 
Posts: 2,951
Default PDF exploits shown in this comparison as exceeding Flash based

"David H. Lipman" wrote:

-----BEGIN PGP SIGNED MESSAGE-----
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----


Was it necessary to post the PGP key?
  #66  
Old February 25th 10, 11:49 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.security.homeusers
David H. Lipman
External Usenet User
 
Posts: 365
Default PDF exploits shown in this comparison as exceeding Flash based

From: "98 Guy"

| "David H. Lipman" wrote:

-----BEGIN PGP SIGNED MESSAGE-----
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----


| Was it necessary to post the PGP key?

Was it neccessary to comment on my "quoting" an official US CERT message ?

I think NOT ! The answer is YES, it was.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


  #67  
Old February 25th 10, 11:49 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.security.homeusers
David H. Lipman
External Usenet User
 
Posts: 365
Default PDF exploits shown in this comparison as exceeding Flash based

From: "98 Guy"

| "David H. Lipman" wrote:

-----BEGIN PGP SIGNED MESSAGE-----
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----


| Was it necessary to post the PGP key?

Was it neccessary to comment on my "quoting" an official US CERT message ?

I think NOT ! The answer is YES, it was.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


  #68  
Old February 26th 10, 01:17 AM posted to microsoft.public.security.homeusers,microsoft.public.win98.gen_discussion
FromTheRafters[_3_]
External Usenet User
 
Posts: 67
Default PDF exploits shown in this comparison as exceeding Flash based

"98 Guy" wrote in message ...
FromTheRafters wrote:

without providing any shread of evidence that those threats
or exploits are operable on win-98 systems.


Considering exploits, it is not reasonable to assume that your
OS is more secure just because an exploit is not operable on
it.


I think you mean payload - not exploit.


Yes, I meant "threat" not "exploit".

If a given piece of exploit code is not operable on a given platform,
then how can that platform be vulnerable to the exploit or any
hypothetical payload / shell-code that might follow? How do you
define
vulnerable in that context?


The exploit in this case is against the application, what follows might
be OS platform specific. For instance If a demo exploit has a benign
payload (like executing notepad) it may work for all versions, but if a
real world exploit calls cmd.exe (which W98 doesn't have) then the
threat is still valid even though it isn't operable on your OS.

If the vulnerable software falls over, but the OS doesn't
recognise the shellcode, the system is *still* vulnerable
to the exploit.


But there's no consequence if either or both the exploit or the
shellcode does not function properly on a given system.


It could mean the difference between a worm instance being hosted and a
DoS against the vulnerable application.

If the exploit or the shellcode causes the application (or the OS) to
crash, well that's just a nuisance that's not likely going to be
repeated by the user.

I don't really consider DoS's to be a significant or credible threat
to
anonymous end-users (what's the point?).


Well then, a DoS exploit is not an exploit to you?

If it is an NT specific malware *payload* you might not be
vulnerable to the payload, but you still are vulnerable to
the exploit.


Until we see a functional example of an operable PDF exploit AND
payload
for the Win-98/Acrobat-6 combination then we can't be sure *if* there
is
a viable exploit in the first place.


I suppose you have your own unique definition of payload then?


  #69  
Old February 26th 10, 01:17 AM posted to microsoft.public.security.homeusers,microsoft.public.win98.gen_discussion
FromTheRafters[_3_]
External Usenet User
 
Posts: 67
Default PDF exploits shown in this comparison as exceeding Flash based

"98 Guy" wrote in message ...
FromTheRafters wrote:

without providing any shread of evidence that those threats
or exploits are operable on win-98 systems.


Considering exploits, it is not reasonable to assume that your
OS is more secure just because an exploit is not operable on
it.


I think you mean payload - not exploit.


Yes, I meant "threat" not "exploit".

If a given piece of exploit code is not operable on a given platform,
then how can that platform be vulnerable to the exploit or any
hypothetical payload / shell-code that might follow? How do you
define
vulnerable in that context?


The exploit in this case is against the application, what follows might
be OS platform specific. For instance If a demo exploit has a benign
payload (like executing notepad) it may work for all versions, but if a
real world exploit calls cmd.exe (which W98 doesn't have) then the
threat is still valid even though it isn't operable on your OS.

If the vulnerable software falls over, but the OS doesn't
recognise the shellcode, the system is *still* vulnerable
to the exploit.


But there's no consequence if either or both the exploit or the
shellcode does not function properly on a given system.


It could mean the difference between a worm instance being hosted and a
DoS against the vulnerable application.

If the exploit or the shellcode causes the application (or the OS) to
crash, well that's just a nuisance that's not likely going to be
repeated by the user.

I don't really consider DoS's to be a significant or credible threat
to
anonymous end-users (what's the point?).


Well then, a DoS exploit is not an exploit to you?

If it is an NT specific malware *payload* you might not be
vulnerable to the payload, but you still are vulnerable to
the exploit.


Until we see a functional example of an operable PDF exploit AND
payload
for the Win-98/Acrobat-6 combination then we can't be sure *if* there
is
a viable exploit in the first place.


I suppose you have your own unique definition of payload then?


  #70  
Old February 26th 10, 03:46 AM posted to microsoft.public.security.homeusers,microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default PDF exploits shown in this comparison as exceeding Flash based

FromTheRafters wrote:

I don't really consider DoS's to be a significant or credible
threat to anonymous end-users (what's the point?).


Well then, a DoS exploit is not an exploit to you?


To exploit something generally means to make some use of it.

When a computer is exploited, it means (in this context) that a third
party is or has gained some use or operational control over it.

DoS events and exploits are not (to my knowledge) used against the
average web-surfer, e-mail reader, home or soho user - but instead are
used against specific machines, servers, etc.

There are some exploits that have no function other than to cause
instability or crash a target system (ie- DoS). The use of such
"exploit" code in that situation will achieve some goal by the attacker,
but I question if it can be said that the target machine was actually
"exploited" in the process.

Until we see a functional example of an operable PDF exploit
AND payload for the Win-98/Acrobat-6 combination then we
can't be sure *if* there is a viable exploit in the first
place.


I suppose you have your own unique definition of payload then?


Where do I say that?

I'm just saying that there has not been any PDF exploit-code analysis
that I've ever seen where it was proved or shown that the exploit would
work on a win-98/acrobat-6 system. And going further, I'm not aware of
an appropriate payload / shellcode that has ever circulated in the wild
to go along with such an exploit.
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
New Adobe Reader Zero Day Exploits - New FireFox exploits MEB[_16_] General 28 May 5th 09 12:29 AM
Registry and system.dat comparison Bill P. General 9 August 27th 06 04:53 AM
Comparison of W98SE and ME? ms General 5 May 12th 05 06:58 PM
Win98 comparison [email protected] General 3 September 14th 04 10:01 AM
Spybot and DSO Exploits Alias General 2 September 7th 04 04:03 PM


All times are GMT +1. The time now is 09:06 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.