Vulnerability Development mailing list archives
Re: Format Bugs in Windows Code?
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Sat, 9 Sep 2000 03:43:39 +0200
I see no reason why this class of bugs should be restricted to UNIX code.
Depends on how the compiler implements vargs?
However, I also cannot recall seeing a format bug announced for Windows yet.
Far less windows source is open source ;) Actually, I vagely remember an Win32 developer posted source code in vuln-dev with questions regarding if his source was vulnerable (seemed to be) but the name of the application wasn't discolsured, mayhap not a wellknown one. After all, people should remember that so far there have been a very limited number of reports of vulnerable applications at all. Anyone keeping records of when these bugs were first realized & discoved? Some digging reveals the following: Jun 30 2000, wu-ftpd: http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D76204 since then numerous reports on wu-ftpd, popper, pro-ftpd & bitchx are posted. Although they were many in a short while, it would seem either we got most of these bugs in a row, or the others are harder to track down. I think I remember reports of these vulnerabilities even before this, but then the full concept wasn't realized (crash only I think was realized) and one of my reasons for stop running ftp was all the problems related to them. Lurking about some more reveals that proftpd developers seems to have been investigating this problem in april: http://www.proftpd.org/proftpd-devel-archive/00-04/msg00092.html Anyone know of any previous discussions regarding these kind of bugs? ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team On Thu, 7 Sep 2000, Crispin Cowan wrote:
This C|Net news story http://yahoo.cnet.com/news/0-1003-200-2719802.html?pt.yfin.cat_fin.txt.ne breaks the news about format bugs to the main stream media, but describes it as a UNIX/Linux problem. I see no reason why this class of bugs should be restricted to UNIX code. However, I also cannot recall seeing a format bug announced for Windows yet. Anyone know of an instance? Crispin -- Crispin Cowan, Ph.D. Chief Research Scientist, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org Olympics: The Corruption Games
Current thread:
- Format Bugs in Windows Code? Crispin Cowan (Sep 08)
- Re: Format Bugs in Windows Code? Iván Arce (Sep 12)
- Re: Format Bugs in Windows Code? Bluefish (P.Magnusson) (Sep 12)
- Re: Format Bugs in Windows Code? Crispin Cowan (Sep 12)
- Re: Format Bugs in Windows Code? Bluefish (P.Magnusson) (Sep 12)
- Re: Format Bugs in Windows Code? Pavel Kankovsky (Sep 12)
- Re: Format Bugs in Windows Code? Bluefish (P.Magnusson) (Sep 13)
- Re: Format Bugs in Windows Code? Daniel Jacobowitz (Sep 12)
- Re: Format Bugs in Windows Code? Crispin Cowan (Sep 12)
- <Possible follow-ups>
- Re: Format Bugs in Windows Code? Michael Wojcik (Sep 12)
- Re: Format Bugs in Windows Code? Thomas Dullien (Sep 12)
- Re: Format Bugs in Windows Code? Scott Hardy (Sep 12)
- Re: Format Bugs in Windows Code? Michael Wojcik (Sep 12)