| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <474EB069.40705@s0ftpj.org> Date: Thu, 29 Nov 2007 13:28:25 +0100 From: "KJK::Hyperion" <hackbunny@...tpj.org> To: full-disclosure@...ts.grok.org.uk Subject: Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Tonnerre Lombard ha scritto: >>>> Isn't the FTP client compiled with stack overflow protection? >>> If so, how is that supposed to help? >> By terminating the program before the payload is executed > May I suggest that this protection is not perfect? I was hoping that > people on this mailing list consider this to be an established fact. You can suggest it. However, ftp.exe is also linked with the secure exception handlers option. How do you divert execution when ftp.exe is running on a platform with encrypted global pointers? ftp.exe is no Internet Explorer, either, you cannot arbitrarily load third party DLLs in it. Why, it doesn't even link shell32.dll or ole32.dll. And I remind you these are buffer overflows in a text field of an user interface Rajesh and others like him have been peddling this "vulnerability" for months if not years. Some security "professionals" should stop fooling themselves and have the basic honesty to admit their behavior is rather more fitting of a small-time loan shark or mafia picciotto, if not the honesty to submit straight away to the vendor what is clearly just a bug with no strategical security implications _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists