BugTraq
RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 13 2006 07:01PM
Derek Soeder (dsoeder eeye com) (1 replies)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 15 2006 06:39PM
Thor (Hammer of God) (thor hammerofgod com) (3 replies)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 17 2006 11:06PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
On 2006-04-15 Thor (Hammer of God) wrote:
> It's a simple method to bypass malicious host file modification.

Make that "pointless method" and it's correct. To modify the hosts file
(or its location) malware would need administrative privileges. With
admin privileges the malware can do whatever it pleases, including but
not limited to bypassing or replacing the entire DNS resolver.

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

[ reply ]
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 17 2006 08:49PM
Paul Wouters (paul xtdnet nl)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 17 2006 05:09PM
Geo. (geoincidents nls net) (1 replies)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 20 2006 03:54AM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 20 2006 12:18PM
Geo. (geoincidents nls net) (1 replies)
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 24 2006 04:15PM
Thor (Hammer of God) (thor hammerofgod com)


 

Privacy Statement
Copyright 2010, SecurityFocus