[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
From: Joao Gouveia <tharbad@kaotik.org>
Date: Wed, 11 Feb 2004 15:33:53 +0000

I can't say about Retina, but nessus only seams to check the existence
of the hotifx by looking at the registry. 

JG

On Wed, 2004-02-11 at 09:02, Philippe wrote:
> Note that nessus or retina should (not tested) detect remotely that flaw.
> 
> See nessus pluging source for exploit ;-):
> - http://cgi.nessus.org/plugins/dump.php3?id=12052
> 
> Or update your security scanners
> - http://www.nessus.org
> - http://www.eeye.com/html/Products/Retina/index.html
> 
> Hope this helps
> Regards
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Attachment: signature.asc
Description: This is a digitally signed message part

Follow-Ups:
- Re: [Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
  - From: cdowns <cdowns@drippingdead.com>

References:
- Re: [Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
  - From: Philippe <philippe.letrait@laposte.net>

Prev by Date: [Full-Disclosure] [RHSA-2004:051-01] Updated mutt packages fix remotely-triggerable crash
Next by Date: Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!
Previous by thread: Re: [Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Next by thread: Re: [Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Index(es):
- Date
- Thread