lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAJB2JzuCVLNehdjvh+mUuK7wtm2Z6SZy9iApK8Kt=aSh_JbLZg@mail.gmail.com>
Date: Tue, 23 Aug 2011 01:06:03 +0200
From: Mario Vilas <mvilas@...il.com>
To: Levent Kayan <levonkayan@....net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Skype 5.3.*.5.2.* Critical Pointer
	Vulnerability

Oh, and BTW...

--- Violation Exception Log ---
0:034> g
(f10.ed4): Unknown exception  (first chance)
(f10.ed4): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=c07ca54b ebx=a96959bc ecx=d8f10db2 edx=0000155f esi=d7263481 edi=3e294540
eip=25c50116 esp=37f91000 ebp=50601616 iopl=0         nv up ei pl nz na po nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
25c50116 cd01            int     1
0:000> !exchain
0018e8f8:
Skype+8be3a0 (00cbe3a0)


This doesn't look like an exploitable buffer overflow to me. I think
you just stumbled upon Skype's anti-debug measures.



On Tue, Aug 23, 2011 at 1:02 AM, Mario Vilas <mvilas@...il.com> wrote:

> Perhaps you should post the contents of the advisory here as well. Many
> people won't happily click on a link without any explanations.
>
> On Mon, Aug 22, 2011 at 9:14 PM, Levent Kayan <levonkayan@....net> wrote:
>
>> hello,
>>
>> http://vulnerability-lab.com/get_content.php?id=180
>>
>>
>> cheers,
>> noptrix
>>
>> --
>> Name: Levent 'noptrix' Kayan
>> E-Mail: noptrix@...ergarten.net
>> GPG key: 0x014652c0
>> Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
>> Homepage: http://www.noptrix.net/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
>
> --
> “There's a reason we separate military and the police: one fights the enemy
> of the state, the other serves and protects the people. When the military
> becomes both, then the enemies of the state tend to become the people.”
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
“There's a reason we separate military and the police: one fights the enemy
of the state, the other serves and protects the people. When the military
becomes both, then the enemies of the state tend to become the people.”

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ