Full Disclosure mailing list archives
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
From: cdowns <cdowns () drippingdead com>
Date: Wed, 11 Feb 2004 10:27:02 -0600
I agree, there is a problem with that because most Microsoft patches are updating a dll. So if your are not looking for both you dont have an accurate check.
I know this first hand from writing crappy Microcrap perl patch auditing tools.
~!>D Joao Gouveia wrote:
I can't say about Retina, but nessus only seams to check the existenceof the hotifx by looking at the registry.JG On Wed, 2004-02-11 at 09:02, Philippe wrote:Note that nessus or retina should (not tested) detect remotely that flaw. See nessus pluging source for exploit ;-): - http://cgi.nessus.org/plugins/dump.php3?id=12052 Or update your security scanners - http://www.nessus.org - http://www.eeye.com/html/Products/Retina/index.html Hope this helps Regards _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft credit policy (was: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption), (continued)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption J. Theriault (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Scott Taylor (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library LengthOverflow Heap Corruption Tim Kowalsky (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Damian Gerow (Feb 10)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption http-equiv () excite com (Feb 10)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Philippe (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Philippe (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joao Gouveia (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption cdowns (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption jeremy (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joao Gouveia (Feb 11)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption webheadport80 (Feb 11)