Bugtraq mailing list archives

Re: More information on ZERT patch for ANI 0day

From: "Jason Frisvold" <xenophage0 () gmail com>
Date: Tue, 3 Apr 2007 22:39:54 -0400

On 4/3/07, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
<sbradcpa () pacbell net> wrote:

And there's a patch for that Realtek already to go on the download
site.  (read the caveat section).  So far all I've seen/heard is that one.


Yes, I forgot to mention the patch.

This is patching 7 graphics items not just the one. ...that's 6 more
things the folks that throw at me from those Metasploit modules ;-)


And of the seven vulnerabilities, the .ANI vulnerability is the only
one I'm aware of that's being actively exploited.  Four of the
vulnerabilities are local privilege escalations that, while dangerous,
aren't quite as dangerous as the ANI problem.

While I agree that using the MS patch now that it's out is definitely
recommended, I would argue that if the patch is causing problems that
can't be worked around, using the ZERT patch in the meantime is
definitely an option.

And prior to the MS patch being released, the ZERT patch was a great
resource to have out there.

--
Jason 'XenoPhage' Frisvold
XenoPhage0 () gmail com
http://blog.godshell.com

Current thread:

More information on ZERT patch for ANI 0day Gadi Evron (Apr 02)
- Re: More information on ZERT patch for ANI 0day Stefan Kelm (Apr 03)
  - Re: [Full-disclosure] More information on ZERT patch for ANI 0day Matthew Murphy (Apr 03)
  - Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 03)
    - Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)
    - Re: More information on ZERT patch for ANI 0day Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Apr 04)
    - Re: More information on ZERT patch for ANI 0day Jason Frisvold (Apr 04)