[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption

To: "Timothy J.Miller" <cerebus@sackheads.org>
Subject: Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
From: Florian Weimer <fw@deneb.enyo.de>
Date: Sat, 14 Feb 2004 17:14:01 +0100

Timothy J.Miller wrote:

> Is anyone else wondering why MS didn't fix this with the last round of 
> ASN.1 decoding overflow vulnerabilities (remember the SNMP hole)?  It's 
> basically the same problem.

Not really.  AFAIK, they haven't fixed an equivalent to the xdr_array()
integer overflow in the NSVC run-time library, either.  (I was rather
surprised to see an HP-UX advisory on this issue a couple of weeks ago,
though.)

References:
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
  - From: "Tim Eddy" <eddyt@stgeorge.com.au>
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
  - From: "Timothy J.Miller" <cerebus@sackheads.org>

Prev by Date: Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Next by Date: Re: W2K source "leaked"?
Previous by thread: Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Next by thread: Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Index(es):
- Date
- Thread