lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ace868f90601131455u5b778103w10708c3776ed0107@mail.gmail.com>
Date: Fri Jan 13 22:55:25 2006
From: nfobro at gmail.com (eric williams)
Subject: Steve Gibson smokes crack?

On 13 Jan 2006 14:31:06 -0800, Randal L. Schwartz <merlyn@...nehenge.com> wrote:
> >>>>> "Morning" == Morning Wood <se_cur_ity@...mail.com> writes:
>
> Morning> http://aolradio.podcast.aol.com/sn/SN-022.mp3
> Morning> claiming SetAbortProc() was a purpose placed backdoor...
>
> I've heard that WINE suffers from the same exploit.  How could
> it be a microsoft "conspiracy" if WINE (implemented from API docs)
> does the same thing?
>
Randal,

Thanks.  That's is precisely the point I have been trying to make,
however, the question is I gather flowing from the Gibson commentary,
how or what exactly causes WINE to execute the code pointed at by the
SetAbortProc record?  Is it the "incorrect record length" is it some
other munged input, is it "by design" which has also been alluded to,
and seems to be your reference here.

IOW, does any know the circumstances, in all cases, where the bug is
triggered or is there only speculation based upon exploit code
"working" against a given vulnerable implementation of the API?

I know I am speculating, but is there or has there been a canonical
analysis done by anyone?

-e
> --
> Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> <merlyn@...nehenge.com> <URL:http://www.stonehenge.com/merlyn/>
> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
> See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ