[Full-disclosure] Steve Gibson smokes crack?
nfobro at gmail.com
Fri Jan 13 22:55:17 GMT 2006
On 13 Jan 2006 14:31:06 -0800, Randal L. Schwartz <merlyn at stonehenge.com> wrote:
> >>>>> "Morning" == Morning Wood <se_cur_ity at hotmail.com> writes:
> Morning> http://aolradio.podcast.aol.com/sn/SN-022.mp3
> Morning> claiming SetAbortProc() was a purpose placed backdoor...
> I've heard that WINE suffers from the same exploit. How could
> it be a microsoft "conspiracy" if WINE (implemented from API docs)
> does the same thing?
Thanks. That's is precisely the point I have been trying to make,
however, the question is I gather flowing from the Gibson commentary,
how or what exactly causes WINE to execute the code pointed at by the
SetAbortProc record? Is it the "incorrect record length" is it some
other munged input, is it "by design" which has also been alluded to,
and seems to be your reference here.
IOW, does any know the circumstances, in all cases, where the bug is
triggered or is there only speculation based upon exploit code
"working" against a given vulnerable implementation of the API?
I know I am speculating, but is there or has there been a canonical
analysis done by anyone?
> Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> <merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
> See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure is hosted and sponsored by Secunia.