Re: WARNING vIRuS!

["Paul S. Penrod" <furballs@netcom.com>]

On Sat, 31 Aug 1996, Mark M. wrote:

> On Sat, 31 Aug 1996, Paul S. Penrod wrote:
> 
> > Binary launches are the way they do it, and the way a virus spreads, 
> > unless you get caught up with autoexecuting Word and Excel macros.
> > 
> > I have yet to see *any* truly data propogating viruses.
> 
> Would you count the fingerd exploit used in the Internet Worm as a data
> propogating virus?  If a poorly written mail program doesn't do bounds
> checking, it could conceivably allow for a Good Times-like virus.  However,
> highly unlikely, since mail programs are too diverse and it would be very
> doubtful that a brain-dead mail program would become very widespread.  I would
> be much more worried about other non-email programs that fail to do bounds
> checking (like Netscape v1.1).
> 
> -- Mark
> 

No, I wouldn't consider the fingerd exploit a data propogated virus in 
the same sense as data embedded in a purely passive activity (viewing an 
image file) which somehow launches a vicious nasty on your disk. However, 
you do bring up an interesting point in that example.

Netscape and programs of that ilk, IMO, yield antoher exploitable pathway 
into a system, should someone figure a method to shove a jam into the 
doorway to keep the door open long enough to allow a renegade proc to be 
started and executed outside the control of the local operator.

...Paul