lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 25 Jul 2015 09:02:20 +0200
From: "Securify B.V." <lists@...urify.nl>
To: fulldisclosure@...lists.org
Subject: [FD] Integer overflow in .NET Framework
 System.DirectoryServices.Protocols.Utility class

------------------------------------------------------------------------
Integer overflow in .NET Framework
System.DirectoryServices.Protocols.Utility class
------------------------------------------------------------------------
Yorick Koster, May 2015

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
An integer overflow exists in the
System.DirectoryServices.Protocols.Utility class of the .NET Framework.
Triggering this issue results in an overflown integer that is used to
allocate a buffer on the heap that is too small, resulting in memory
corruption. Exploiting this issues appears to be difficult.
Consequently, Microsoft has decided to not release a security bulletin.

------------------------------------------------------------------------
Affected versions
------------------------------------------------------------------------
This issue affects .NET Framework version 4.5 and 4.6. Other versions
are not affected as this issue can only be triggered using large arrays
(> 2GB).

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
There is currently no fix available for this issue. Microsoft will not
release a security bulletin, it may be fixed in future versions of the
.NET Framework.

[...] [we] are going to pursue this as a candidate for improvement in
future versions, [...] On x86, the feasibility of an attack is mitigated
by the maximum process memory and even on amd64, prevailing
configurations preclude this from being a feasible attack.

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20150501/integer_overflow_in__net_framework_system_directoryservices_protocols_utility_class.html

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists