« My Task ListMore links for MS08-067 »

So what is the vulnerability?

If I understand this correctly.

Clever deconstruction of the patch

It used to be possible to force a buffer overflow by forcing the netapi32.dll to load

\..\..\..\..\..\abc

This was fixed in MS06-040 by stripping off and \.. characters at the beginning of the string.

Therefore \..\..\..\..\..\abc becomes \abc

However some bright button noticed that

\abc\..\..\..\..\xyz does the same buffer overflow but MS06-040 does not catch this. Hence the quick release of MS08-067

This entry was posted on October 27th, 2008 at 06:53:13 pm and is filed under Uncategorized.

No feedback yet

Leave a comment


Your email address will not be revealed on this site.

Your URL will be displayed.
(Line breaks become <br />)
(Name, email & website)
(Allow users to contact you through a message form (your email will not be revealed.)