PGP app yields remote root on Windows
PrintPatch early, patch often
Posted in Software, 6th September 2002 11:00 GMT
Free whitepaper – PowerEdge M610 technical guidebook
A curious flaw in a PGP application's handling of file names could allow an attacker to own a remote Windows machine with a malicious, encrypted archive.
File names over 200 characters in length will cause a buffer overflow, which, if exploited properly, could allow running arbitrary code on the target machine.
A typical attack would involve sending an encrypted archive to a victim via email. The archive itself would have a reasonably short name to avoid suspicion. But within it would be an encrypted file with a name exceeding 200 characters which would cause the desired overflow.
The flaw affects PGP Corporate Desktop 7.1.x. for Windows. A patch has been developed by former PGP owner Networks Associates, and is available here. ®
Free whitepaper – Power distribution systems for the Dell PowerEdge M1000e Modular Server Enclosure
Analyst Keynote: The Register Agile Data Center Summit
What Exchange can't do - and Dell can
10 Strategies for Choosing a Midmarket ERP Solution
Enabling The Agile Data Center
Buyer's Guide: ERP Systems
Sun's surviving staff hit with 'motivation' missive
Ubuntu's Karmic Koala bares fangs at Windows 7
Change your views: OS X tags exploited
Sun preps cell-phone Java plan for netbooks