[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20040214161401.GA12564@deneb.enyo.de>
Date: Sat, 14 Feb 2004 17:14:01 +0100
From: Florian Weimer <fw@...eb.enyo.de>
To: "Timothy J.Miller" <cerebus@...kheads.org>
Cc: BUGTRAQ@...urityfocus.com
Subject: Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Timothy J.Miller wrote:
> Is anyone else wondering why MS didn't fix this with the last round of
> ASN.1 decoding overflow vulnerabilities (remember the SNMP hole)? It's
> basically the same problem.
Not really. AFAIK, they haven't fixed an equivalent to the xdr_array()
integer overflow in the NSVC run-time library, either. (I was rather
surprised to see an HP-UX advisory on this issue a couple of weeks ago,
though.)
Powered by blists - more mailing lists