Full Disclosure mailing list archives
Re: EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability
From: Joe Stewart <jstewart () lurhq com>
Date: Wed, 13 Oct 2004 11:12:51 -0400
A few things I've noticed with this advisory:

eEye states that the vulnerability is an overflow in dunzip32.dll and that MS04-034 fixes it. However, from what I've seen MS04-034 only patches zipfldr.dll.

Further, MS04-034 claims that Windows ME is not vulnerable, while eEye says it is.

Also, eEye says that the dunzip32.dll overflow is an issue for XP, yet I am unable to find dunzip32.dll on a stock XP SP1 system.

Is it possible that the eEye release and the MS04-034 bulletin are talking about two separate issues?

-Joe

--
Joe Stewart, GCIH
Senior Security Researcher
LURHQ http://www.lurhq.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html