[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
- To: Ivan Security <ivanchukl@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
- From: webDEViL <w3bd3vil@xxxxxxxxx>
- Date: Fri, 27 Nov 2009 11:15:00 +0300
That's what binary diffing is all about.
Sent from my iPhone
On Nov 27, 2009, at 7:59 AM, Ivan Security <ivanchukl@xxxxxxxxx> wrote:
> Hi list,
>
> Has anyone more details about this vulnerability?. The advisory just
> say:
> "The vulnerability exists due to the TCP/IP stack not cleaning up
> state information correctly. This causes the TCP/IP stack to
> reference a field as a function pointer when it actually contains
> other information"
> I'd like to know a bit more in order to test it and make some
> research.
>
> Regards,
>
> Ivan.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/