[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unix and email viruses

On 03/03/2008, Andrew Sackville-West <andrew@farwestbilliards.com> wrote:
> On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote:
>  > On 3/2/08, Andrew Sackville-West <andrew@farwestbilliards.com> wrote:
>  >
>  > > The potential hole I see in mutt is not actually a hole in mutt but in
>  > > various helpers used by mutt users. For example, many of us use w3m or
>  > > links or some other text browser to dump html messages to plain text
>  >
>  > For that to work, various helper apps would have to be run as root or
>  > with root privileges. Normally i would not suspect a pic or other
>  > 'data' to try and be executable anyway.
> The exploit would have to be one that gets root privileges through
>  escalation... I seem to recall that there had been some compromises in
>  some image formats that may have escalated privileges, but I don't
>  really know.

There was a very popular, long-unpatched image exploit for Windows:

>  sql injections are 'data' trying to be executable, aren't they? I know
>  that generally folks aren't trying to "open" sql "attachements"
>  (whatever the hell that might mean) from mutt...

No, SQL injection is 'data' trying to run unauthorized queries on the database:

>  Anyway, that's the whole point of an exploit -- providing some
>  _thing_, data or code, that causes a privilege escalation. It doesn't
>  have to be a helper running as root, just a helper that can be
>  exploited in some manner to get a root escalation. At least that's
>  what I understand.

There are some javascript exploits (XSS attacks) that could
potentially run in a javascript-enabled text browser or screen reader.
Just because one uses Linux, or console tools, does not mean that one
in not vulnerable. But reading email in Mutt, without calling external
apps, I cannot think of an exploit vector. Famous last words.

Note that mutt is uncommon enough that it may not be feasable for an
attacker to even target it today. Security through obscurity, if you

Dotan Cohen


A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Reply to: