Hi,

At 12:42 28/07/2001, you wrote:

>It is my belief that microsoft is aware of this. After all, they know they
>have html parsers on their programs, because that's one of the functions of
>those (go imagine IE not parsing html targets on files it reads stand-alone.
>it wouldn't be a browser at all). Thus, this is no bug at all. Probably the
>code parsing shouldn't be done in files other than .html, .htm, but if it is
>not to be considered as a bug.

Actually, it is a very large bug. Windows uses some sort of content-type in its registry for all file extensions (check it out) ... Damn, there are no content-type thingies in 2K .. there WERE in 98 .. I'm sure of it. It should only interpret for the HTML content type (text/html iirc) ... NOT for any other. So don't filter on .html, .htm, but only on the content type. (Why else is the Content-Type: header present??)

>I consider these not solutions to what you point out as a problem, but

They are...

>general tips to avoid security problems. Antiviral software won't prevent
>html parsers from doing their job. Also, changing name of system utilities
>won't do anything at all. About your 4th solution. I don't believe antiviral
>software detects any kind of html or activex as being potentially harmful.

Actually it does. If I surf to a site defaced with the IIS/sadmind worm, like www.nntp.be (their webmaster was mailed a long time ago that their site was defaced, but... *sigh* oh well, now I can use this as an example), McAfee VShield pops up saying "Infected filename: <blablabla\temporary internet files\blablabla> infected with SunOS/BoxPoison.worm ....... So it does warn... twice, even.

>And finally, i don't believe any patch will come out to prevent html
>parsing.

Of course not. Then there would be no browsers anymore. But there HAS to come a patch to prevent html parsing on non-html files.
Tom
-------------------------------------------------
Web: http://www.powersource.cx --- ICQ#: 12120754
Also check this out: http://kickme.to/sidewinder
Need some cheats?? http://www.chaos-cheatbase.com
Keep Fido&BBS Alive! http://skynetbbs.dyns.cx
-------------------------------------------------
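As an added illustration of the point made in the reply above (example code written for this archive page, not anything from the post, from Microsoft or from any browser): a viewer dispatch that hands a file to the HTML parser only when the declared content type is text/html, shown beside the content-sniffing behaviour the reply objects to. The per-extension content-type map and the sample file are constructed for the example.

```python
# Added example, not from the mailing-list post. Models two policies for
# deciding whether a viewer may run its HTML parser over a file:
#   1. dispatch on the declared content type (what the post argues for)
#   2. sniff the bytes for HTML markers (what the post argues against)
from typing import Optional

# Constructed stand-in for the per-extension "Content Type" registry values
# the post refers to. Real systems would read these from the registry.
REGISTRY_CONTENT_TYPE = {
    ".htm": "text/html",
    ".html": "text/html",
    ".txt": "text/plain",
    ".log": "text/plain",
}

HTML_TYPES = {"text/html"}


def declared_content_type(filename: str, header: Optional[str] = None) -> str:
    """Return the content type the metadata declares for a file.

    An explicit Content-Type header (HTTP or MIME) wins; otherwise fall back
    to the extension mapping. Unknown extensions become application/octet-stream
    so that they are never treated as HTML by accident.
    """
    if header:
        # Drop parameters such as "; charset=utf-8" and normalise case.
        return header.split(";", 1)[0].strip().lower()
    dot = filename.rfind(".")
    ext = filename[dot:].lower() if dot >= 0 else ""
    return REGISTRY_CONTENT_TYPE.get(ext, "application/octet-stream")


def looks_like_html(body: bytes) -> bool:
    """Content sniffing: trusts the bytes instead of the metadata.

    Included only to show how a .txt or .log file gets promoted to HTML when
    a viewer parses anything that merely contains markup.
    """
    head = body.lstrip()[:512].lower()
    return head.startswith(b"<!doctype html") or b"<html" in head


def should_parse_as_html(filename: str, header: Optional[str] = None) -> bool:
    """Content-type policy: parse as HTML only when the declared type says so.

    The file's bytes are deliberately not consulted, so text/plain content
    that happens to contain "<html>" is still displayed verbatim.
    """
    return declared_content_type(filename, header) in HTML_TYPES
```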
This archive was generated by hypermail 2b30 : Sun Jul 29 2001 - 10:29:30 PDT