Full Disclosure mailing list archives
Re: help analysing asn overflow
From: David Chastain <dlcmacosx () mac com>
Date: Fri, 21 Sep 2007 13:38:20 -0700
Are you gonna blow hot air VK or are you gonna help the man/woman??? On Friday, September 21, 2007, at 12:44PM, <Valdis.Kletnieks () vt edu> wrote:
On Sat, 22 Sep 2007 00:49:30 +0530, Code Breaker said:i am trying to analyse the old asn integer overflow.Can anyone guide me towards right direction?which function contains the vulnerable code?is it asn1_decode?It's not "the old asn integer", it's "one of the old asn integer"... There were about a zillion and a half different places in that code that were exploitable, because actual error checking was, like, a foreign language to that crew when they wrote it originally. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- help analysing asn overflow Code Breaker (Sep 21)
- Re: help analysing asn overflow Valdis . Kletnieks (Sep 21)
- Re: help analysing asn overflow David Chastain (Sep 21)
- Re: help analysing asn overflow Valdis . Kletnieks (Sep 21)