Dailydave mailing list archives
tech writeup on VML and the ZERT patch
From: Gadi Evron <ge () linuxbox org>
Date: Wed, 4 Oct 2006 09:53:24 -0500 (CDT)
We at ZERT released a paper on the VML vulnerability and how the ZERT patch worked (technical + ASM/C code). It can be found here: http://zert.isotf.org/papers/vml-details-20060928.pdf I just answered some guy on FD/other places on this subject, and figured re's here may be interested. Quoting: "Our (ZERT's) VML patch was what you refer to as "real". There was space issue with not enough bytes to play with, so Gil Dabah, one of our members, re-wrote the vulnerable function in Yasm, compiled it, and hard-coded the compiled code into the binary, with room to spare, saving functionality. Code crunching is back in style. :)" Thanks, Gadi. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- tech writeup on VML and the ZERT patch Gadi Evron (Oct 05)