Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Possible backdoor in Acer laptops. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Possible backdoor in Acer laptops
by Graham at 8:52 am EST, Jan 9, 2007

Recently, I noticed that my Acer TravelMate 4150 notebook contains the LunchApp.APlunch ActiveX control, which is marked as "safe for scripting" and "safe for initializing from persistent data".
...
Checking the interface of the control reveals it has a method named "Run()" as shown below. The method supports parameters "Drive", "FileName", and "CmdLine". Isn't it strange for a control that's marked "safe for scripting" to allow a method that is suggestive of possible abuse?
...
It isn't long before I'm using this control from a webpage to execute arbitrary commands on my notebook when the page is loaded in IE6. And it's too simple....

From the site this has only been tested on two Acer laptops - the Acer Aspire 5600 and the Acer TravelMate 4150 - and both from Singapore, but if it is more widespread then this could be dangerous...


 
RE: Possible backdoor in Acer laptops
by Acidus at 10:31 am EST, Jan 10, 2007

Graham wrote:

Recently, I noticed that my Acer TravelMate 4150 notebook contains the LunchApp.APlunch ActiveX control, which is marked as "safe for scripting" and "safe for initializing from persistent data".
...
Checking the interface of the control reveals it has a method named "Run()" as shown below. The method supports parameters "Drive", "FileName", and "CmdLine". Isn't it strange for a control that's marked "safe for scripting" to allow a method that is suggestive of possible abuse?
...
It isn't long before I'm using this control from a webpage to execute arbitrary commands on my notebook when the page is loaded in IE6. And it's too simple....

From the site this has only been tested on two Acer laptops - the Acer Aspire 5600 and the Acer TravelMate 4150 - and both from Singapore, but if it is more widespread then this could be dangerous...

ACtiveX is a security nightmare, but its not ActiveX's fault here. Acer could have preloaded a signed Java applet that could do the same.

Acer should be ashamed of themselves.


 
 
Powered By Industrial Memetics