Full Disclosure mailing list archives
Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
From: webDEViL <w3bd3vil () gmail com>
Date: Fri, 27 Nov 2009 11:15:00 +0300
That's what binary diffing is all about. Sent from my iPhone On Nov 27, 2009, at 7:59 AM, Ivan Security <ivanchukl () gmail com> wrote:
Hi list, Has anyone more details about this vulnerability?. The advisory just say: "The vulnerability exists due to the TCP/IP stack not cleaning up state information correctly. This causes the TCP/IP stack to reference a field as a function pointer when it actually contains other information" I'd like to know a bit more in order to test it and make some research. Regards, Ivan. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability Ivan Security (Nov 26)
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability webDEViL (Nov 27)
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability Ivan Security (Nov 27)
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability Valdis . Kletnieks (Nov 27)
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability Ivan Security (Nov 27)
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability Valdis . Kletnieks (Nov 27)
- Message not available
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability Ivan Security (Nov 27)
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability Ivan Security (Nov 27)
- Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability webDEViL (Nov 27)