[PWNED/DOSSED] Cygwin's setup-x86.exe loads and executes rogue DLL from its application directory
Eric Blake
eblake@redhat.com
Thu Jan 7 17:39:00 GMT 2016
On 01/06/2016 07:17 AM, Stefan Kanthak wrote:
> Second and last chance!
> See <http://home.arcor.de/skanthak/policy.html>
Your policy page mentions a 45-day window, but:
>
> ----- Original Message -----
> From: "Stefan Kanthak" <stefan.kanthak@nexgo.de>
> To: <security@cygwin.org>
> Cc: <security@redhat.com>
> Sent: Monday, December 28, 2015 4:23 AM
If this was your original off-list post, you just violated your own
policy, since you included cygwin AT cygwin.com which is a public list
on the ping, and thereby made the issue public, without waiting 45 days.
>> 1. visit <http://home.arcor.de/skanthak/sentinel.html>, download
>> <http://home.arcor.de/skanthak/download/SENTINEL.DLL> and save
>> it as UXTheme.dll in your "Downloads" directory;
>>
>> 2. on Windows XP, copy the downloaded UXTheme.dll as ClbCatQ.dll;
You do realize that Windows XP is unsupported by Microsoft; if your
exploit requires an unsupported OS, does it really deserve a fix?
>>
>> I'll publish in 45 days.
>> See <http://home.arcor.de/skanthak/policy.html> and return the
>> CVE identifier assigned for this vulnerability to me!
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://cygwin.com/pipermail/cygwin/attachments/20160107/a514b924/attachment.sig>
More information about the Cygwin
mailing list