Full Disclosure mailing list archives
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
From: jeremy () austin ibm com
Date: Wed, 11 Feb 2004 09:41:28 -0600
Quoting Philippe (philippe.letrait () laposte net):
Note that nessus or retina should (not tested) detect remotely that flaw. See nessus pluging source for exploit ;-): - http://cgi.nessus.org/plugins/dump.php3?id=12052
I just checked the nessus plugin. It's just checking for registry entries. There's nothing like a mad l33t registry key reader exploit. jeremy -- Jeremy Kelley <jeremy () austin ibm com> Threat Assessment Analyst jeremy's opinions are definitely not ibm policy, if so, he'd have a waaay nicer office. :) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Microsoft credit policy (was: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption), (continued)
- Re: Microsoft credit policy (was: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption) CHS (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption J. Theriault (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Scott Taylor (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library LengthOverflow Heap Corruption Tim Kowalsky (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Damian Gerow (Feb 10)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption http-equiv () excite com (Feb 10)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Philippe (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Philippe (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joao Gouveia (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption jeremy (Feb 11)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption webheadport80 (Feb 11)