lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed Jun 7 11:37:04 2006 From: Thierry at Zoller.lu (Thierry Zoller) Subject: MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable Dear kcope, Under windows the heap structure changes when a debugger is attached, which may lead to an exploitable condition even when the condition is not there without debugger. There was a recent post on DailyDave about this "phenomena" http://www.immunitysec.com/pipermail/dailydave/2005-October/002585.html QUOTE : Also newer versions of windbg can be configured to prevent this: "Processes created by the debugger behave slightly differently than they would under normal conditions. Instead of using the standard heap API, processes created by the debugger use a special *debug heap*. On Microsoft(r) Windows XP and later versions of Windows, you can force a spawned process to use the standard heap instead of the debug heap by using the -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
Powered by blists - more mailing lists