Message-ID: <20100908220820.GH31517@syn.titan.net>
Date: Wed, 8 Sep 2010 15:08:20 -0700
From: Fyodor <fyodor@...ecure.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Nmap NOT VULNERABLE to Windows DLL Hijacking
	Vulnerability

On Sun, Sep 05, 2010 at 07:01:19PM +0530, Nikhil Mittal wrote:
> 1. Overview
> nmap <= 5.21 is vulnerable to Windows DLL Hijacking Vulnerability.

Nmap is not vulnerable.  DLL hijacking works because of an unfortunate
interaction between apps which register Windows file extensions and
the default Windows DLL search path used for those apps.  Nmap does
not, and never has, registered any Windows file extensions.  So it
isn't vulnerable to this issue.

> 8. Solution
> Fixed in latest development release.

We have not made a special new development release, nor are we
planning one.  We do agree that Windows' default DLL search path
handling is dumb, so we have added code in our source repository to
improve that.  It will be included in our next regular release (maybe
in a month or so), along with other proactive security improvements
such as enabling Windows ASLR and DEP support.

Cheers,
Fyodor
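
The interaction described in this message, modelled as an added example (not part of the original e-mail and not Nmap's code): a handler launched through a file association starts with the document's folder as its current directory, and the default search order for a bare DLL name includes that directory. All paths and DLL names are constructed, and the `cwd_removed` switch (modelling a process that has called `SetDllDirectory("")`) is an assumption for illustration; the message does not say what change was made in the Nmap repository.

```python
from ntpath import join

# Constructed paths; APP_DIR is a hypothetical handler's install directory.
APP_DIR = r"C:\Program Files\ExampleApp"
SYSTEM_DIRS = [r"C:\Windows\System32", r"C:\Windows\System", r"C:\Windows"]
PATH_DIRS = [r"C:\Tools"]
DOC_DIR = r"C:\Users\alice\Downloads\bundle"  # folder the document was opened from

# Constructed file system: one DLL shipped with Windows, plus two DLLs that
# sit in the same folder as the document.
FILES = {p.lower() for p in (
    join(SYSTEM_DIRS[0], "syslib.dll"),
    join(DOC_DIR, "syslib.dll"),
    join(DOC_DIR, "helper.dll"),
)}

def search_order(cwd, safe_search_mode=True, cwd_removed=False):
    """Directories probed, in order, for a DLL requested by bare name."""
    if cwd_removed:
        # Process called SetDllDirectory(""): current directory is not searched.
        return [APP_DIR] + SYSTEM_DIRS + PATH_DIRS
    if safe_search_mode:
        # Default since XP SP2: current directory comes after the system dirs.
        return [APP_DIR] + SYSTEM_DIRS + [cwd] + PATH_DIRS
    # Legacy order: current directory is searched right after the app directory.
    return [APP_DIR, cwd] + SYSTEM_DIRS + PATH_DIRS

def resolve(dll, cwd, safe_search_mode=True, cwd_removed=False, files=FILES):
    """Return the first matching path (lower-cased), or None if nothing matches."""
    for directory in search_order(cwd, safe_search_mode, cwd_removed):
        candidate = join(directory, dll).lower()
        if candidate in files:
            return candidate
    return None

if __name__ == "__main__":
    for dll in ("helper.dll", "syslib.dll"):
        print(dll, "default      ->", resolve(dll, DOC_DIR))
        print(dll, "legacy order ->", resolve(dll, DOC_DIR, safe_search_mode=False))
        print(dll, "cwd removed  ->", resolve(dll, DOC_DIR, cwd_removed=True))
```

A DLL that exists in no trusted directory (`helper.dll` here) resolves from the document's folder under the default order and fails to load once the current directory is removed from the search.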
