| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Feb 2004 19:04:31 -0000
From: "Boyce, Nick" <nick.boyce@....com>
To: BUGTRAQ@...urityfocus.com
Cc: "'Marc Maiffret'" <mmaiffret@...e.com>
Subject: RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
On 10.Feb.2004, Marc Maiffret wrote :
> Systems Affected:
> Microsoft Windows NT 4.0 (all versions)
> Microsoft Windows 2000 (SP3 and earlier)
> crosoft Windows XP (all versions)
>
> Software Affected:
> Microsoft Internet Explorer
> Microsoft Outlook
> Microsoft Outlook Express
> Third-party applications that use certificates
At the risk of boring everyone with thoughts of "obsolete" technology, I
note that Win98SE systems with Internet Explorer 6 SP1 and all current fixes
contain the library MSASN1.DLL :
location: {system drive}\WINDOWS\SYSTEM
version: 4.4.3388
size: 51,984 bytes
date: 23rd.October.2000
Since the library is apparently used by IE to process webserver SSL
certificates, can anyone comment on the likely vulnerability of Win98SE
systems to this flaw (as presented by malicious websites with suitably
crafted server certificates) ? As is noted here regularly, there are a lot
of Win98 systems still out there.
The file versions for MSASN1.DLL listed in
http://www.microsoft.com/technet/security/bulletin/MS04-007.asp are all of
the form 5.m.nnnn.x, so it may be that the Win98 version is so much older
that it doesn't contain the vulnerable code ...
Nick Boyce
EDS, Bristol, UK
Powered by blists - more mailing lists