Dear Andres Tarasco,
>I can see only one real attack scenario, unprivileged access to a Windows with FAT file system or incorrect acls
> that allows you to store c:\telnet.exe file. Anyway under that scenario , you should be able to trigger better attacks ;-)
Windows 2000 per default allows users to write to c:\
PS. I have seen malware dropping another encrypted copy to C:\program.exe, whenever an appplication calls
a createprocess unsafely it gets excecuted.
--
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
