Dailydave mailing list archives
Re[4]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007
From: Halvar Flake <halvar () gmx de>
Date: Thu, 12 Feb 2004 09:07:48 +0100
Hey Brett, BM> Of course reverse enginerring all the dlls/functions and reviewing the code BM> while been extremely time cosuming, could turn up gold... Perhaps its just BM> a matter of knowing 'where to look'.... Perhabs we need a better approach to know on what to focus. Perhabs "ranking" DLL's by importance wouldn't be a bad idea (importance being the number of applications using the DLL and passing user data into it... LZ32.DLL anyone ?), then taking the most important DLL and auditing it first. The pleasures of modularisation and code reuse. Anyhow, I _really_ should get back to my studies :) Cheers, Halvar _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Bradley, Terry (CONTR) (Feb 11)
- Re: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Dave Aitel (Feb 11)
- Re: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Nicob (Feb 11)
- Re[2]: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Halvar Flake (Feb 11)
- RE: Re[2]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007 Brett Moore (Feb 11)
- Re[4]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007 Halvar Flake (Feb 12)
- RE: Re[4]: ASN.1 Vulnerability Could Allow CodeExecution(828028); Microsoft Security Bulletin MS04-007 john blumenthal (Feb 15)
- Re: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Nicob (Feb 11)
- Re: Re[2]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007 Matt Hargett (Feb 11)
- Re: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Dave Aitel (Feb 11)