Dailydave mailing list archives

Re[4]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007

From: Halvar Flake <halvar () gmx de>
Date: Thu, 12 Feb 2004 09:07:48 +0100

Hey Brett,

BM> Of course reverse enginerring all the dlls/functions and reviewing the code
BM> while been extremely time cosuming, could turn up gold... Perhaps its just
BM> a matter of knowing 'where to look'....

Perhabs we need a better approach to know on what to focus. Perhabs
"ranking" DLL's by importance wouldn't be a bad idea (importance being
the number of applications using the DLL and passing user data into
it... LZ32.DLL anyone ?), then taking the most important DLL and
auditing it first. The pleasures of modularisation and
code reuse.

Anyhow, I _really_ should get back to my studies :)

Cheers,
Halvar

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

Current thread:

ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Bradley, Terry (CONTR) (Feb 11)
- Re: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Dave Aitel (Feb 11)
  - Re: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Nicob (Feb 11)
    - Re[2]: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007 Halvar Flake (Feb 11)
    - RE: Re[2]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007 Brett Moore (Feb 11)
    - Re[4]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007 Halvar Flake (Feb 12)
    - RE: Re[4]: ASN.1 Vulnerability Could Allow CodeExecution(828028); Microsoft Security Bulletin MS04-007 john blumenthal (Feb 15)
    - Re: Re[2]: ASN.1 Vulnerability Could Allow Code Execution(828028); Microsoft Security Bulletin MS04-007 Matt Hargett (Feb 11)