So what is the vulnerability?
If I understand this correctly.
Clever deconstruction of the patch
It used to be possible to force a buffer overflow by forcing the netapi32.dll to load
\..\..\..\..\..\abc
This was fixed in MS06-040 by stripping off any \.. sequences at the beginning of the string.
Therefore \..\..\..\..\..\abc becomes \abc
However, some bright button noticed that
\abc\..\..\..\..\xyz causes the same buffer overflow, but MS06-040 does not catch it. Hence the quick release of MS08-067.
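An added example (not from the original post and not Microsoft's code): a leading-only strip, simplified from the description above, beside a canonicalizer that resolves `..` wherever it appears, rejects any path that would climb above the root, and bounds-checks every write. The function names `strip_leading_dotdot` and `canon_path` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Leading-only strip, as the post describes the earlier fix (simplified). */
const char *strip_leading_dotdot(const char *p) {
    while (strncmp(p, "\\..", 3) == 0 && (p[3] == '\\' || p[3] == '\0'))
        p += 3;
    return p;
}

/* Resolve "." and ".." anywhere in a backslash-separated path.
 * Returns 0 on success, -1 if the path climbs above the root or
 * the result does not fit in out[outsz]. */
int canon_path(const char *in, char *out, size_t outsz) {
    size_t len = 0;                               /* bytes written so far */
    if (outsz < 2) return -1;                     /* need room for "\" + NUL */
    while (*in) {
        while (*in == '\\') in++;                 /* skip separators */
        size_t n = strcspn(in, "\\");             /* next component length */
        if (n == 0) break;
        if (n == 2 && in[0] == '.' && in[1] == '.') {
            if (len == 0) return -1;              /* nothing left to pop: reject */
            while (len > 0 && out[--len] != '\\') /* drop the last component */
                ;
        } else if (!(n == 1 && in[0] == '.')) {
            if (len + 1 + n >= outsz) return -1;  /* "\" + component + NUL */
            out[len++] = '\\';
            memcpy(out + len, in, n);
            len += n;
        }
        in += n;
    }
    if (len == 0) out[len++] = '\\';              /* empty result is the root */
    out[len] = '\0';
    return 0;
}

int main(void) {
    /* The two strings from the post plus one constructed benign path. */
    const char *s[] = { "\\..\\..\\..\\..\\..\\abc",
                        "\\abc\\..\\..\\..\\..\\xyz",
                        "\\abc\\def\\..\\xyz" };
    char buf[64];
    for (int i = 0; i < 3; i++) {
        int rc = canon_path(s[i], buf, sizeof buf);
        printf("%-24s strip=%-24s canon=%s\n", s[i],
               strip_leading_dotdot(s[i]), rc ? "(rejected)" : buf);
    }
    return 0;
}
```

The leading-only strip returns the second string unchanged, while `canon_path` rejects both strings from the post because the pop step checks that a component exists before walking backwards in the output buffer.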