RE: Win32hlp exploit for : ":LINK overflow"

From: Josh Gilmour <jgilmour(at)attbi.com>
Date: Thu Mar 13 2003 - 07:12:42 EST


Personally, I know people who know that they shouldn't download or open .exe's due to viruses, yet they would have no clue about .cnt or .hlp files. That being said, it could be a risk for them, yet people with some experience would notice that something isn't right and ignore it... But that's just me....

I could have it wrong also, but does the risk happen because the .cnt can be emailed to someone/sent to them, and they could download and run it? That's how I see it working anyways, just like running an executable from an email.

  • Josh

-----Original Message-----
From: Rob Shein [mailto:shoten@starpower.net]
Sent: Tuesday, March 11, 2003 8:59 AM
To: 'descript'; vuln-dev@securityfocus.com; bugtraq@securityfocus.com
Subject: RE: Win32hlp exploit for : ":LINK overflow"

I'm not entirely sure I get how serious this is. If I understand correctly, you're modifying a .cnt file so that when it's called (by using its corresponding .hlp file) it will go out and download/execute a program from a predetermined site. When you're at the stage where you can modify files on the target machine, how much of a difference does it make to be able to get a .cnt file to do your bidding, as opposed to any executable that could have another executable bound to it, for example? Perhaps I'm missing something...

> -----Original Message-----
Received on Thu Mar 13 12:05:10 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:38 EDT

