[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] help analysing asn overflow

To: Valdis.Kletnieks@xxxxxx
Subject: Re: [Full-disclosure] help analysing asn overflow
From: David Chastain <dlcmacosx@xxxxxxx>
Date: Fri, 21 Sep 2007 13:38:20 -0700

Are you gonna blow hot air VK or are you gonna help the man/woman???
 
On Friday, September 21, 2007, at 12:44PM, <Valdis.Kletnieks@xxxxxx> wrote:
>On Sat, 22 Sep 2007 00:49:30 +0530, Code Breaker said:
>
>> i am trying to analyse the old asn integer overflow.Can anyone guide me
>> towards right direction?which function contains the vulnerable code?is it
>> asn1_decode?
>
>It's not "the old asn integer", it's "one of the old asn integer"...
>
>There were about a zillion and a half different places in that code that
>were exploitable, because actual error checking was, like, a foreign language
>to that crew when they wrote it originally.
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] help analysing asn overflow
  - From: Code Breaker
- Re: [Full-disclosure] help analysing asn overflow
  - From: Valdis . Kletnieks

Prev by Date: Re: [Full-disclosure] 0day: PDF pwns Windows
Next by Date: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
Previous by thread: Re: [Full-disclosure] help analysing asn overflow
Next by thread: [Full-disclosure] iDefense Security Advisory 09.19.07: Multiple Vendor ImageMagick Multiple Integer Overflow Vulnerabilities
Index(es):
- Date
- Thread