Advisory Day!

[Dave Aitel <dave () immunitysec com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, it's time for another "advisory". As I don't believe advisories
really accomplish anything, I'll move right along to the blatant
product placement and grandstanding! :>

Remember this bug?
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0095
http://www.securityfocus.com/bid/9476/

Anyways, I didn't find that bug. A few months before that bug came out
I was attached to ePolicy Orchestrator with Ollydbg, and tracing a
request through it looking for ways to make it interoperate with other
software. I found a simple stack overflow, similar to the one posted
above, and fixed in the same patch. I'm pleased to say that this lets
ePO interoperate with Immunity CANVAS
(http://www.immunitysec.com/CANVAS/)!

Anyways, if you run ePolicy Orchestrator, no doubt you will use your
content distribution system to load the patch on it, now that you know
it fixes more than a DoS. Alternatively, CANVAS can be used as a patch
distribution system. :> RealSecure, NAI, etc - do bugs in security
software products make everyone else laugh?

Dave Aitel
Immunity, Inc.

P.S. (And if I had a shiny nickle for every time a software vendor
told me they "already knew about the problem" or "have already patched
that issue" while furiously writing a patch and doing QA, I'd be able
to buy myself a lobster farm already.)


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFARi4czOrqAtg8JS8RAjLNAJ4/7z/YyOktHgqdd9QcgAr5RzhLqgCfdXeG
V6BHfS/evUXJF+9xALDi1CA=
=/cxb
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave