Message-ID: <43C80DE4.6010702@sdf.lonestar.org>
Date: Fri Jan 13 20:30:56 2006
From: bkfsec at sdf.lonestar.org (bkfsec)
Subject: Re: [ GLSA 200601-09 ] Wine: Windows Metafile SETABORTPROC vulnerability

Todd Towles wrote:

> Austin wrote:
>
>> Can anyone else verify Steve Gibson's assertion that this
>> flaw was intentionally placed by Microsoft programmers?
>
> Better yet, can anyone else verify what he is taking or mixing?

The way I read what he's saying there, he's saying that you enter 
malformed input and that malformed input pushes the executable code into 
position to be executed... and as such, because it would be nuts to 
allow odd malformed input to push code into a position to be executed, 
it MUST be intentional.

Hey, I am a Free Software advocate... I'd love to jump on Microsoft if I 
could.  I can, in all honesty, say that the way that the WMF file format 
is set up is a bit nuts from a security standpoint.

However, if his standard for what makes a vulnerability an intentional 
backdoor is the fact that such malformed data can be entered, then by 
that standard every single buffer overflow, stack overflow, etc... would 
have to be intentional, under that standard.  As much as I'd like to 
jump on Microsoft, I don't think that a sane person can agree with such 
a ludicrous statement.  Now, if there are other reasons to believe that 
this is intentional, well I'd listen regarding it.  However, what I read 
in the provided link doesn't bring me to the conclusion that the flaw 
was intentional, but rather that Steve Gibson is a bit wacko.

Sure, I'm sure that one could make an argument that some acceptances of 
malformed input are intentional backdoors, but not simply by showing 
that there's poor design in the software.  That's not enough at all - 
and neither is speculation.

                -bkfsec

