| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <81637804AB36A644BBDE3ED9DD4E73FD96D5BB@hermes.eCompany.gov> Date: Wed, 11 Feb 2004 14:47:14 -0800 From: "Drew Copley" <dcopley@...e.com> To: "Rainer Gerhards" <rgerhards@...adiscon.com>, "Tina Bird" <tbird@...cision-guesswork.com> Cc: <BUGTRAQ@...urityfocus.com> Subject: RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption > -----Original Message----- > From: Rainer Gerhards [mailto:rgerhards@...adiscon.com] > Sent: Wednesday, February 11, 2004 1:11 AM > To: Tina Bird > Cc: BUGTRAQ@...urityfocus.com > Subject: RE: EEYE: Microsoft ASN.1 Library Length Overflow > Heap Corruption > <snip> > But I think the bottom line of all this is if a box is > listening to 135, > 139 OR 445, it is vulnerable. And workstations by default > listen to this ports. If you use Outlook, you are vulnerable. If you use Internet Explorer, you are vulnerable. If you use Outlook Express, you are vulnerable. "Software Affected: Microsoft Internet Explorer Microsoft Outlook Microsoft Outlook Express Third-party applications that use certificates" Ref: http://www.eeye.com/html/Research/Advisories/AD20040210.html Speaking of this bug. We have noted, perhaps outside of the advisory, that we could send a malformed, digitally signed email and it could be the exploit point -- further, the email would not even have to be viewed. That is just one potential avenue of attack. <snip> > I am pretty sure it can. > > Rainer > >
Powered by blists - more mailing lists