Re[2]: ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007

[Halvar Flake <halvar () gmx de>]

Hey all,

N> And that's probably the same thing for the US-CERT and the
N> "Vulnerabilities Cartel" created by ISS, Foundstone, @stake, ...
N> So, from this page [1], we can deduce that there's numerous guys (at
N> least one hundred ?) knowing about 2 HIGH severity vulns in MS products
N> for half a year.

I personally think that anyone who looked seriously at MSASN1.DLL
could've had these vulns, and after the H323 bugs I would assume many
people took an interest and looked at it (which they didn't do
before).

But then again, is there anyone surprised at all ? I think with a
piece of soft as complex as Windows, we can safely assume that at any
given point in time some group of people will have a remote for it (if
you don't want to accept this notion, take iexplore into the picture
and the prospect of client-side exploitation).

Ahwell. I personally have this weird idea that we're by far not done
with MSASN1.DLL.

Cheers,
Halvar

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave