If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#61
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
Top-Poaster Peter Foldes wrote in response to my summary of MEB:
98 Guy Do yourself a favor and get a life. You are wrong and you are beating a dead horse. Being foolish does not make you look good and your little credibility that you had is also going the way of the wind . I'm not sure if you're in agreement about what I said about MEB or if you're trying to defend / support him with the above comment. |
#62
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
FromTheRafters wrote:
without providing any shread of evidence that those threats or exploits are operable on win-98 systems. Considering exploits, it is not reasonable to assume that your OS is more secure just because an exploit is not operable on it. I think you mean payload - not exploit. If a given piece of exploit code is not operable on a given platform, then how can that platform be vulnerable to the exploit or any hypothetical payload / shell-code that might follow? How do you define vulnerable in that context? If the vulnerable software falls over, but the OS doesn't recognise the shellcode, the system is *still* vulnerable to the exploit. But there's no consequence if either or both the exploit or the shellcode does not function properly on a given system. If the exploit or the shellcode causes the application (or the OS) to crash, well that's just a nuisance that's not likely going to be repeated by the user. I don't really consider DoS's to be a significant or credible threat to anonymous end-users (what's the point?). If it is an NT specific malware *payload* you might not be vulnerable to the payload, but you still are vulnerable to the exploit. Until we see a functional example of an operable PDF exploit AND payload for the Win-98/Acrobat-6 combination then we can't be sure *if* there is a viable exploit in the first place. |
#63
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
FromTheRafters wrote:
without providing any shread of evidence that those threats or exploits are operable on win-98 systems. Considering exploits, it is not reasonable to assume that your OS is more secure just because an exploit is not operable on it. I think you mean payload - not exploit. If a given piece of exploit code is not operable on a given platform, then how can that platform be vulnerable to the exploit or any hypothetical payload / shell-code that might follow? How do you define vulnerable in that context? If the vulnerable software falls over, but the OS doesn't recognise the shellcode, the system is *still* vulnerable to the exploit. But there's no consequence if either or both the exploit or the shellcode does not function properly on a given system. If the exploit or the shellcode causes the application (or the OS) to crash, well that's just a nuisance that's not likely going to be repeated by the user. I don't really consider DoS's to be a significant or credible threat to anonymous end-users (what's the point?). If it is an NT specific malware *payload* you might not be vulnerable to the payload, but you still are vulnerable to the exploit. Until we see a functional example of an operable PDF exploit AND payload for the Win-98/Acrobat-6 combination then we can't be sure *if* there is a viable exploit in the first place. |
#64
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
"David H. Lipman" wrote:
-----BEGIN PGP SIGNED MESSAGE----- -----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- Was it necessary to post the PGP key? |
#65
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
"David H. Lipman" wrote:
-----BEGIN PGP SIGNED MESSAGE----- -----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- Was it necessary to post the PGP key? |
#66
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
From: "98 Guy"
| "David H. Lipman" wrote: -----BEGIN PGP SIGNED MESSAGE----- -----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- | Was it necessary to post the PGP key? Was it neccessary to comment on my "quoting" an official US CERT message ? I think NOT ! The answer is YES, it was. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#67
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
From: "98 Guy"
| "David H. Lipman" wrote: -----BEGIN PGP SIGNED MESSAGE----- -----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- | Was it necessary to post the PGP key? Was it neccessary to comment on my "quoting" an official US CERT message ? I think NOT ! The answer is YES, it was. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#68
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
"98 Guy" wrote in message ...
FromTheRafters wrote: without providing any shread of evidence that those threats or exploits are operable on win-98 systems. Considering exploits, it is not reasonable to assume that your OS is more secure just because an exploit is not operable on it. I think you mean payload - not exploit. Yes, I meant "threat" not "exploit". If a given piece of exploit code is not operable on a given platform, then how can that platform be vulnerable to the exploit or any hypothetical payload / shell-code that might follow? How do you define vulnerable in that context? The exploit in this case is against the application, what follows might be OS platform specific. For instance If a demo exploit has a benign payload (like executing notepad) it may work for all versions, but if a real world exploit calls cmd.exe (which W98 doesn't have) then the threat is still valid even though it isn't operable on your OS. If the vulnerable software falls over, but the OS doesn't recognise the shellcode, the system is *still* vulnerable to the exploit. But there's no consequence if either or both the exploit or the shellcode does not function properly on a given system. It could mean the difference between a worm instance being hosted and a DoS against the vulnerable application. If the exploit or the shellcode causes the application (or the OS) to crash, well that's just a nuisance that's not likely going to be repeated by the user. I don't really consider DoS's to be a significant or credible threat to anonymous end-users (what's the point?). Well then, a DoS exploit is not an exploit to you? If it is an NT specific malware *payload* you might not be vulnerable to the payload, but you still are vulnerable to the exploit. Until we see a functional example of an operable PDF exploit AND payload for the Win-98/Acrobat-6 combination then we can't be sure *if* there is a viable exploit in the first place. I suppose you have your own unique definition of payload then? |
#69
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
"98 Guy" wrote in message ...
FromTheRafters wrote: without providing any shread of evidence that those threats or exploits are operable on win-98 systems. Considering exploits, it is not reasonable to assume that your OS is more secure just because an exploit is not operable on it. I think you mean payload - not exploit. Yes, I meant "threat" not "exploit". If a given piece of exploit code is not operable on a given platform, then how can that platform be vulnerable to the exploit or any hypothetical payload / shell-code that might follow? How do you define vulnerable in that context? The exploit in this case is against the application, what follows might be OS platform specific. For instance If a demo exploit has a benign payload (like executing notepad) it may work for all versions, but if a real world exploit calls cmd.exe (which W98 doesn't have) then the threat is still valid even though it isn't operable on your OS. If the vulnerable software falls over, but the OS doesn't recognise the shellcode, the system is *still* vulnerable to the exploit. But there's no consequence if either or both the exploit or the shellcode does not function properly on a given system. It could mean the difference between a worm instance being hosted and a DoS against the vulnerable application. If the exploit or the shellcode causes the application (or the OS) to crash, well that's just a nuisance that's not likely going to be repeated by the user. I don't really consider DoS's to be a significant or credible threat to anonymous end-users (what's the point?). Well then, a DoS exploit is not an exploit to you? If it is an NT specific malware *payload* you might not be vulnerable to the payload, but you still are vulnerable to the exploit. Until we see a functional example of an operable PDF exploit AND payload for the Win-98/Acrobat-6 combination then we can't be sure *if* there is a viable exploit in the first place. I suppose you have your own unique definition of payload then? |
#70
|
|||
|
|||
PDF exploits shown in this comparison as exceeding Flash based
FromTheRafters wrote:
I don't really consider DoS's to be a significant or credible threat to anonymous end-users (what's the point?). Well then, a DoS exploit is not an exploit to you? To exploit something generally means to make some use of it. When a computer is exploited, it means (in this context) that a third party is or has gained some use or operational control over it. DoS events and exploits are not (to my knowledge) used against the average web-surfer, e-mail reader, home or soho user - but instead are used against specific machines, servers, etc. There are some exploits that have no function other than to cause instability or crash a target system (ie- DoS). The use of such "exploit" code in that situation will achieve some goal by the attacker, but I question if it can be said that the target machine was actually "exploited" in the process. Until we see a functional example of an operable PDF exploit AND payload for the Win-98/Acrobat-6 combination then we can't be sure *if* there is a viable exploit in the first place. I suppose you have your own unique definition of payload then? Where do I say that? I'm just saying that there has not been any PDF exploit-code analysis that I've ever seen where it was proved or shown that the exploit would work on a win-98/acrobat-6 system. And going further, I'm not aware of an appropriate payload / shellcode that has ever circulated in the wild to go along with such an exploit. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
New Adobe Reader Zero Day Exploits - New FireFox exploits | MEB[_16_] | General | 28 | May 5th 09 12:29 AM |
Registry and system.dat comparison | Bill P. | General | 9 | August 27th 06 04:53 AM |
Comparison of W98SE and ME? | ms | General | 5 | May 12th 05 06:58 PM |
Win98 comparison | [email protected] | General | 3 | September 14th 04 10:01 AM |
Spybot and DSO Exploits | Alias | General | 2 | September 7th 04 04:03 PM |