Is Newsbin vulnerable to the recent Winrar exploit?

Technical support and discussion of Newsbin Version 6 series.

Is Newsbin vulnerable to the recent Winrar exploit?

Postby mdbourgon » Sun Mar 17, 2019 4:50 pm

Howdy. Unsure how Newsbin does its Unrar-ing (I assume it's either par2dll or autopar2.dll), but I was concerned given the recent class of exploits with Winrar and the Winrar DLL. (https://www.slashgear.com/19-years-old- ... -16569928/)

The reason I posted is because I saw mentioned that Winrar basically offered a free DLL to un-RAR files, so I wanted to be double sure. Is newsbin somehow susceptible?

Thanks in advance!
mdbourgon
Occasional Contributor
Occasional Contributor
 
Posts: 21
Joined: Fri Mar 30, 2007 1:04 am

Re: Is Newsbin vulnerable to the recent Winrar exploit?

Postby Quade » Sun Mar 17, 2019 10:52 pm

I've looked into it and I don't think it is. What Newsbin uses is a subset of the code Winrar uses. So it doesn't do ZIP or ACE files and doesn't load any external DLL's. It's my impression this latest exploit is the result of a very old external DLL winrar loaded to handle some files. Newsbin doesn't use the DLL.

What I'm wondering though is how WinRAR bypasses UAC. According to the exploit report I read, it can write to the windows startup folder without triggering a UAC prompt.
User avatar
Quade
Eternal n00b
Eternal n00b
 
Posts: 44981
Joined: Sat May 19, 2001 12:41 am
Location: Virginia, US

Registered Newsbin User since: 10/24/97

Re: Is Newsbin vulnerable to the recent Winrar exploit?

Postby mdbourgon » Wed Mar 20, 2019 2:03 am

Gotcha. Thanks for checking. Yeah, it sounded like Winrar had older code specifically to handle ACE, so the exploit named it RAR so that Winrar would handle it. And you're right, that's strange that it could dump it in the startup folder.

Much appreciated, sir!
mdbourgon
Occasional Contributor
Occasional Contributor
 
Posts: 21
Joined: Fri Mar 30, 2007 1:04 am


Return to V6 Technical Support

Who is online

Users browsing this forum: No registered users and 2 guests

cron