[iwar] [fc:Hackers.could.take.over.machine.via.email.]

From: Fred Cohen (fc@all.net)
Date: 2002-07-13 22:19:39


Return-Path: <sentto-279987-4977-1026623911-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Sat, 13 Jul 2002 22:22:08 -0700 (PDT)
Received: (qmail 5214 invoked by uid 510); 14 Jul 2002 05:17:54 -0000
Received: from n32.grp.scd.yahoo.com (66.218.66.100) by all.net with SMTP; 14 Jul 2002 05:17:54 -0000
X-eGroups-Return: sentto-279987-4977-1026623911-fc=all.net@returns.groups.yahoo.com
Received: from [66.218.67.192] by n32.grp.scd.yahoo.com with NNFMP; 14 Jul 2002 05:18:31 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_7_4); 14 Jul 2002 05:18:31 -0000
Received: (qmail 33812 invoked from network); 14 Jul 2002 05:18:31 -0000
Received: from unknown (66.218.66.216) by m10.grp.scd.yahoo.com with QMQP; 14 Jul 2002 05:18:31 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta1.grp.scd.yahoo.com with SMTP; 14 Jul 2002 05:18:31 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g6E5Jdp27837 for iwar@onelist.com; Sat, 13 Jul 2002 22:19:39 -0700
Message-Id: <200207140519.g6E5Jdp27837@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Sat, 13 Jul 2002 22:19:39 -0700 (PDT)
Subject: [iwar] [fc:Hackers.could.take.over.machine.via.email.]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, hits=0.0 required=5.0 tests=DIFFERENT_REPLY_TO version=2.20
X-Spam-Level: 

PGP Flaw Discovered Date:  Thursday, 11 July 2002

Source:  VNU Business Publishing

Story:  Hackers could take over machine via email.
<a href="http://www.ds-osac.org/edb/cyber/news/story.cfm?KEY=8513">http://www.ds-osac.org/edb/cyber/news/story.cfm?KEY=8513>

Pretty Good Privacy (PGP), the world's most popular software for
scrambling sensitive emails, has been found to have a flaw that could
allow hackers to attack a user's computer.

PGP is widely used by corporate and government offices, including some
FBI agents and US intelligence agencies.

The new vulnerability, discovered by researchers at eEye Digital
Security, is based on a programming flaw in a plugin that helps users of
Microsoft Outlook encrypt messages with a few mouse clicks.

If a hacker sends a specially coded email - which would appear as a
blank message followed by an error warning - it could effectively seize
control of the victim's computer.

The hacker could then install spy software to record keystrokes, steal
financial records or copy a person's unlocking keys to unscramble their
emails.

Marc Maiffret, the eEye executive and researcher who discovered the
problem, said there was no evidence that anyone had successfully
attacked users of the encryption software with this technique.

He said the programming flaw was "not totally obvious", even to trained
researchers examining the software blueprints.

Network Associates - which, until February, distributed both commercial
and free versions of PGP - has released a patch for the problem on its
website.

The company announced earlier that it was suspending new sales of the
software, which hasn't been profitable, but moved within weeks to repair
the problem in existing versions.

A plugin for Microsoft's Outlook Express is not affected by the flaw.

1995-2002 VNU Business Publications Ltd. All rights reserved

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Save on REALTOR Fees
http://us.click.yahoo.com/Xw80LD/h1ZEAA/Ey.GAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:31 PDT