|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup
From: Ansgar -59cobalt- Wiechers (bugtraq
planetcobalt.net)
Date: Mon Apr 17 2006 - 18:06:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2006-04-15 Thor (Hammer of God) wrote:
> It's a simple method to bypass malicious host file modification.
Make that "pointless method" and it's correct. To modify the hosts file
(or its location) malware would need administrative privileges. With
admin privileges the malware can do whatever it pleases, including but
not limited to bypassing or replacing the entire DNS resolver.
Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]