Bugtraq mailing list archives

Re: White paper: Exploiting the Win32 API.


From: slack3r <slack3r () boy-genius net>
Date: Wed, 7 Aug 2002 11:13:29 -0500


Bugtraq,

I've been following this posting on the exploitation of the Win32 API
with interest. I think that Chris was correct in saying the following
from his original posting:

        5)  This is not a bug.  This is a new class of vulnerabilities, like a
        buffer overflow attack or a format string attack.  As such, there is
        no specific vendor to inform, since it affects every software maker
        who writes products for the Windows platform.  A co-ordinated release
        with every software vendor on the planet is impossible.

I think the point has been made that there are ways to fix this problem,
but the point is, this is a very real way of exploiting poorly written
applications. It's no different than exploiting, as he said, a buffer
overflow, or format strings, vulnerabilities of which abound throughout
the Internet. Though there may be a way to prevent these
vulnerabilities, the same could be said for, say, a buffer overflow, and
yet they're found all over the place. I think Chris has a valid point in
bringing this forward, and it's something that every Win32 programmer
should take into account while trying to write secure applications.
This is a topic that needed to be addressed.

-Bryan

P.S. I think it'd be interesting to see how many (if any) Microsoft
programs are affected by this type of vulnerability, even though they
"have known about these vulnerabilities for some time".
