__/ [ nessuno@xxxxxxxxxxxxxxxxxxx ] on Friday 07 July 2006 09:26 \__
> Quote:
> -------------
> ...but a spokesVole insisted that it was a feature that had legitimate
> users for customers.
>
> He said it was important to clarify the difference between security
> problems and legitimate features. A feature allows someone to do
> something. A security hole helps an attacker do something they
> shouldn't be able to do. I trust we are all clear on that?
> ------------
> End quote
>
> http://www.theinquirer.net/default.aspx?article=32847
Also see Ghost's insightful analysis in an earlier thread about this:
,----[ Complete snippet ]
| Newsgroups: comp.os.linux.advocacy
| From: The Ghost In The Machine <ewill@xxxxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: [News] More Windows/Internet Explorer Holes, Microsoft in
| Denial
|
| This works even on IE6 running on Linux. Here's how.
|
| [1] Create a small C++ file with the following source code.
|
| #include <cstdio>
| #include <cstdlib>
| #include <unistd.h>
|
| int main(int argc, char **argv)
| {
|     /* open a visible terminal and run the script sitting on the Desktop */
|     system("xterm -e /bin/bash /home/ewilliam/Desktop/www.stupidstuff.com.sh");
|
| return 0;
| }
|
| [2] Compile:
|
| g++ -o ~/Desktop/www.stupidstuff.com stupidstuff.C
|
| [3] Create a shell script on one's desktop: www.stupidstuff.com.sh :
|
| #!/bin/sh
|
| echo HELLO, WORLD
| echo THIS IS GOOFY CALLING FROM A SHELL SCRIPT.
| echo Hit RETURN.
| read x
|
| [4] Invoke IE and type in www.stupidstuff.com ; hit return
| when instructed to make the xterm go away.
|
| This did lock up a wineserver on my box, which needed
| a SIGTERM before it stopped consuming all sorts of CPU,
| on my box, so caveat emptor. A subsequent invocation,
| however, performed normally. Typical IE.
|
| For its part Firefox ignores the issue totally, coming
| up with a webpage proudly blurting out "THIS DOMAIN
| NAME HAS JUST BEEN REGISTERED FOR ONE OF OUR CUSTOMERS!"
| (Fine. Ask me if I give a hoot and sixpence.) However,
| one can emulate in part IE's behavior by opening
| www.stupidstuff.com.sh using www.stupidstuff.com .
|
| This trick doesn't seem to work with .BAT files on Linux,
| which is probably not all that surprising since IE is just
| punting on the matter anyway.
|
| I could see this invoking
|
| www.stupidstuff.com/braindead/crap
|
| if the Desktop contains the directory www.stupidstuff.com as well.
| Could lead to some interesting (FSVO) malware.
`----
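A defender-side check for the situation Ghost describes, added here as an example and not part of either post: the trick depends on a file whose name looks like a hostname (and, for www.stupidstuff.com, whose "TLD" is also the DOS program extension .com) sitting where the browser will find it. The script below lists such files in a directory so they can be reviewed. The function name, the output format, the hostname regex, the list of flagged extensions and the default of ~/Desktop are all this example's own choices.

```shell
#!/bin/sh
# Added example, not code from the original post: audit a directory for files
# whose names look like hostnames (www.host.tld) and that a browser or shell
# might run as a program.  The post above relies on exactly such a file,
# ~/Desktop/www.stupidstuff.com, being picked up when the name is typed as a URL.
# Function name, output format and default directory are assumptions of this example.

find_domain_named_executables() {
    dir="${1:-$HOME/Desktop}"          # default: the Desktop, as in the post
    find "$dir" -maxdepth 1 -type f 2>/dev/null | while IFS= read -r path; do
        name=$(basename "$path")
        # Hostname-like: two or more dot-separated labels ending in a 2-6 letter
        # TLD, optionally followed by an interpreter/program extension.
        if ! printf '%s\n' "$name" |
             grep -Eq '^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+\.[A-Za-z]{2,6}(\.(sh|bat|com|exe))?$'; then
            continue
        fi
        reason=""
        # ".com" is both a TLD and a DOS program extension; that is the crux of the post.
        case "$name" in
            *.com|*.exe|*.bat) reason="name ends in a DOS/Windows program extension" ;;
            *.sh)              reason="name ends in a shell-script extension" ;;
        esac
        if [ -x "$path" ]; then
            reason="${reason:+$reason; }executable bit set"
        fi
        # Print one line per suspicious file: "<path>: <why it was flagged>"
        if [ -n "$reason" ]; then
            printf '%s: %s\n' "$path" "$reason"
        fi
    done
}

# Usage: sh audit_desktop.sh [directory]   (defaults to ~/Desktop)
find_domain_named_executables "$@"
```

A file such as www.example.org with no executable bit is deliberately not reported: its name alone is harmless. Anything the script does list is worth checking for how it got there, since a browser that resolves typed names against the filesystem will run it.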