Full Disclosure mailing list archives
Re: Steve Gibson smokes crack?
From: Stan Bubrouski <stan.bubrouski () gmail com>
Date: Fri, 13 Jan 2006 18:10:41 -0500
Back to the original subject: [Full-disclosure] Steve Gibson smokes crack? Does anyone know if Steve Gibson does indeed smoke crack? If Marion Barry does, why can't he? These questions need answers! Or not, happy friday, drink up. -sb On 1/13/06, eric williams <nfobro () gmail com> wrote:
On 13 Jan 2006 14:31:06 -0800, Randal L. Schwartz <merlyn () stonehenge com> wrote:"Morning" == Morning Wood <se_cur_ity () hotmail com> writes:Morning> http://aolradio.podcast.aol.com/sn/SN-022.mp3 Morning> claiming SetAbortProc() was a purpose placed backdoor... I've heard that WINE suffers from the same exploit. How could it be a microsoft "conspiracy" if WINE (implemented from API docs) does the same thing?Randal, Thanks. That's is precisely the point I have been trying to make, however, the question is I gather flowing from the Gibson commentary, how or what exactly causes WINE to execute the code pointed at by the SetAbortProc record? Is it the "incorrect record length" is it some other munged input, is it "by design" which has also been alluded to, and seems to be your reference here. IOW, does any know the circumstances, in all cases, where the bug is triggered or is there only speculation based upon exploit code "working" against a given vulnerable implementation of the API? I know I am speculating, but is there or has there been a canonical analysis done by anyone? -e-- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <merlyn () stonehenge com> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Steve Gibson smokes crack?, (continued)
- Re: Steve Gibson smokes crack? Stan Bubrouski (Jan 13)
- Re: Steve Gibson smokes crack? Jason Coombs (Jan 13)
- Re: Steve Gibson smokes crack? eric williams (Jan 13)
- Re: Steve Gibson smokes crack? bkfsec (Jan 13)
- Re: Steve Gibson smokes crack? Stan Bubrouski (Jan 13)
- Re: Steve Gibson smokes crack? Jason Coombs (Jan 13)
- Re: Steve Gibson smokes crack? bkfsec (Jan 13)
- RE: Steve Gibson smokes crack William Lefkovics (Jan 13)
- Re: Steve Gibson smokes crack? Jason Coombs (Jan 13)
- Re: Steve Gibson smokes crack? Stan Bubrouski (Jan 13)
- Re: Steve Gibson smokes crack? eric williams (Jan 13)
- Re: Steve Gibson smokes crack? Stan Bubrouski (Jan 13)
- RE: Steve Gibson smokes crack? Peter Ferrie (Jan 13)
- Re: Steve Gibson smokes crack? eric williams (Jan 13)
- RE: Steve Gibson smokes crack? Peter Ferrie (Jan 15)
- Re: Steve Gibson smokes crack? Stan Bubrouski (Jan 13)
- Re: Steve Gibson smokes crack? Byron Sonne (Jan 14)