[linux] Best linux toos for removal of windoze exploit files onpic CDRs ??

db dbota at att.net
Mon Aug 21 12:18:11 PDT 2006 

Besides mass-mailing, the Trax balso vector themselves by copying 
themselves to external disk writes.

My understanding  is that there is a lot of exploits coming out of china 
and I would think that  internet cafes with all their transient users 
would be like universities over here ... a ready medium for such exploits.

Thanks for the advice to simply use the Linux machine to copy the files 
but it seems to rely on there being no jpg picture file exploits.  In 
checking, I see that there are some jpg exploits  ...  admittedly they 
surfaced in 2004   (*Exploit*-MS04-028) and an up to date  windows 
machine has been patched for those but perhaps there are  new variants?  

I would also prefer not to be possibly circulating a jpg exploit with my 
pics that could compromise somebody's unpatched windows computer...

Does anyone have further info on the jpg exploit issue and linux tools 
for culling windoze exploits from files?

Thanks for all the info that's been volunteered ...

db

Chris DeVoney wrote:
>> From: linux-bounces at mailman1.u.washington.edu 
>> [mailto:linux-bounces at mailman1.u.washington.edu] On Behalf Of 
>> Evan Martin
>> Sent: Sunday, August 20, 2006 6:34 PM
>>
>> Since (AFAIK) there are no exploits for jpegs (anyway, an 
>> exploit would target a particular jpeg decoder, not jpegs 
>> themselves), I'd copy all the images off the CD on a Linux 
>> machine, then burn those to a new CD.
>>     
>
> There was a buffer overflow exploit in Windows (CAN-2004-0200, MS04-028)
> patched long ago. Like you, I am unaware of any image exploit under Linux
> and second the motion of mounting the drive, copy off the JPEGs, and reburn.
> With modest precaution, you could even load the CD under Windows (just hold
> down that shift key) and copy off the JPEGS.
>
> I was looking the reported list and wonder how did some of these get on the
> CD? The ones mentioned by db are mass-mailer vectored. Since they are not
> copied automatically when a disk is created, could they have been copied
> with the images?
>
> cdv
>
> Chris DeVoney
> Division of Metabolism, Endocrinology, and Nutrition 
> UW School of Medicine
>
>
>

More information about the Linux mailing list