[Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
jeremy at austin.ibm.com
jeremy at austin.ibm.com
Wed Feb 11 15:41:28 GMT 2004
Quoting Philippe (philippe.letrait at laposte.net):
> Note that nessus or retina should (not tested) detect remotely that flaw.
>
> See nessus pluging source for exploit ;-):
> - http://cgi.nessus.org/plugins/dump.php3?id=12052
I just checked the nessus plugin. It's just checking for registry
entries. There's nothing like a mad l33t registry key reader exploit.
jeremy
--
Jeremy Kelley <jeremy at austin.ibm.com> Threat Assessment Analyst
jeremy's opinions are definitely not ibm policy,
if so, he'd have a waaay nicer office. :)
Full-Disclosure is hosted and sponsored by Secunia.