On Sat, 29 Jun 2002 17:18:56 -0500, Glenn McCorkle wrote: > On Fri, 28 Jun 2002 22:38:45 -0400, Clarence Verge wrote:
>> But she still won't be 100% safe. >> As far as *I* know, she is vulnerable to the overflow gambit in many >> areas. The chances of anyone bothering to test for and exploit these >> cracks in the armour are pretty slim tho. What's the point of trying >> to annoy a few dinosaurs ? <G> >> Of course, if you make it a CHALLENGE ... > Sure, you can "overflow" any web browser. > But that's not a virus or a worm. It CAN be. > AFAIK, > Causing an "overflow" can't damage anything on the > recipients computer system. If the author of the particular overflo exploit has access to the source code of the gateway he wishes to open - and in our case the source for Insight is public - he can sometimes taylor the overflo to push new executeable code into an area that ALREADY has executeable code in it. Thus when the target program accesses this code - say to write the html for arachne to display as our incoming email message - something entirely different and unexpected may happen. > And it most certainly can't be spread around the web and email system > without the person who received it intentionally re-sending it. In the situation described above, the entirely unexpected occurrence may be the creation of an "@list" from your email hotlist and then using Arachne to send itself to everyone in your mailbox. That is, it could install itself as a TSR and call Arachne's SMTP function when online. > So, > I'll stick with my assertion that Arachne *IS* 100% safe from > infection by virii and worms. If that isn't a worm, then I guess I don't know what a worm is. :) But there is no reason it couldn't also be a virus. If you think it's too difficult to transport enough code on the "Subject:" line to do any serious damage, think again. I could transport a couple of miles of executeable code as an attachment and call it a gif or bmp. <g> (Sound familiar ?) Then all I need is to get a few BYTES of code executed by the overflow exploit to launch the .BMP as a .BOMB. <G> Not to worry. We CAN (and will) close this and other doors in some future release of a TRULY secure Arachne. ;-) - Clarence Verge - Back to using Arachne V1.62 ....
