Bugtraq mailing list archives
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
From: Steve Friedl <steve () unixwiz net>
Date: Thu, 12 Feb 2004 11:22:53 -0800
On Wed, Feb 11, 2004 at 10:10:32AM +0100, Rainer Gerhards wrote:
As someone else pointed out, there is also a potential large multitude of third party apps which rely on the Microsoft lib. This alone is a good indication an update is needed.
I wrote a small dependency-checker, and on my win2000 system it showed that 232 DLLs depended directly or indirectly on the MSASN1.DLL. It's a pretty wide range of programs that have this in their address space. It's a lot harder to find which programs actually *use* it, but checking Process Explorer shows quite a few applications that have it loaded; Quicken 2003 Yahoo! IM AOL IM SecureCRT Adobe Acrobat MusicMatch Jukebox Turbo Tax 2003 JASC PaintShop Pro Altova XML Spy NOTE: this does NOT mean that these applications are vulnerable to anything (even "potentially"). But it suggests a lot of places to look for stuff.
But I think the bottom line of all this is if a box is listening to 135, 139 OR 445, it is vulnerable. And workstations by default listen to this ports.
kerberos is a prime suspect too: 88/tcp and 88/ucp. Steve -- Stephen J Friedl | Software Consultant | Tustin, CA | +1 714 544-6561 www.unixwiz.net | I speak for me only | KA8CMY | steve () unixwiz net
Current thread:
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption, (continued)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption peter.huang (Feb 12)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tim Eddy (Feb 10)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Peter Pentchev (Feb 12)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Timothy J . Miller (Feb 12)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Florian Weimer (Feb 16)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Rainer Gerhards (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Tina Bird (Feb 11)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Alun Jones (Feb 11)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Rainer Gerhards (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Steve Friedl (Feb 12)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Thor Lancelot Simon (Feb 13)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Buck Huppmann (Feb 16)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption David Wilson (Feb 16)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Sam Schinke (Feb 12)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Drew Copley (Feb 12)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Boyce, Nick (Feb 13)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Michael Shigorin (Feb 16)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joshua Levitsky (Feb 16)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Bill Gallagher (Feb 15)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Marc Maiffret (Feb 10)