lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <55EF2207.8090001@securify.nl> Date: Tue, 8 Sep 2015 19:59:35 +0200 From: "Securify B.V." <lists@...urify.nl> To: fulldisclosure@...lists.org Subject: Re: [FD] Integer overflow in .NET Framework System.DirectoryServices.Protocols.Utility class Microsoft released MS15-101 that addresses this issue: https://technet.microsoft.com/library/security/ms15-101 On 25-07-15 09:02, Securify B.V. wrote: > ------------------------------------------------------------------------ > Integer overflow in .NET Framework > System.DirectoryServices.Protocols.Utility class > ------------------------------------------------------------------------ > Yorick Koster, May 2015 > > ------------------------------------------------------------------------ > Abstract > ------------------------------------------------------------------------ > An integer overflow exists in the > System.DirectoryServices.Protocols.Utility class of the .NET Framework. > Triggering this issue results in an overflown integer that is used to > allocate a buffer on the heap that is too small, resulting in memory > corruption. Exploiting this issues appears to be difficult. > Consequently, Microsoft has decided to not release a security bulletin. > > ------------------------------------------------------------------------ > Affected versions > ------------------------------------------------------------------------ > This issue affects .NET Framework version 4.5 and 4.6. Other versions > are not affected as this issue can only be triggered using large arrays > (> 2GB). > > ------------------------------------------------------------------------ > Fix > ------------------------------------------------------------------------ > There is currently no fix available for this issue. Microsoft will not > release a security bulletin, it may be fixed in future versions of the > .NET Framework. > > [...] [we] are going to pursue this as a candidate for improvement in > future versions, [...] On x86, the feasibility of an attack is mitigated > by the maximum process memory and even on amd64, prevailing > configurations preclude this from being a feasible attack. > > ------------------------------------------------------------------------ > Details > ------------------------------------------------------------------------ > https://www.securify.nl/advisory/SFY20150501/integer_overflow_in__net_framework_system_directoryservices_protocols_utility_class.html > _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists