[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unix and email viruses

On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
> On 3/2/08, Andrew Sackville-West <andrew@farwestbilliards.com> wrote:
> > The potential hole I see in mutt is not actually a hole in mutt but in
> > various helpers used by mutt users. For example, many of us use w3m or
> > links or some other text browser to dump html messages to plain text
> For that to work, various helper apps would have to be run as root or
> with root privileges. Normally i would not suspect a pic or other
> 'data' to try and be executable anyway.

The exploit would have to be one that gets root privileges through
escalation... I seem to recall that there had been some compromises in
some image formats that may have escalated privileges, but I don't
really know. 

sql injections are 'data' trying to be executable, aren't they? I know
that generally folks aren't trying to "open" sql "attachements"
(whatever the hell that might mean) from mutt...

Anyway, that's the whole point of an exploit -- providing some
_thing_, data or code, that causes a privilege escalation. It doesn't
have to be a helper running as root, just a helper that can be
exploited in some manner to get a root escalation. At least that's
what I understand. 


Attachment: signature.asc
Description: Digital signature

Reply to: