Full Disclosure mailing list archives
Re: EEYE: Microsoft ASN.1 Library LengthOverflow Heap Corruption
From: "Tim Kowalsky" <tekowalsky () deltecsolutions com>
Date: Wed, 11 Feb 2004 02:26:39 -0600
And how many vulnerabilities have been found by other researchers and not had a patch or bulletin issued yet by Microsoft. (Obviously that's a bit of a rhetorical question...)
From: "Les Ault" <aultl () comcast net> Date: Tue, 10 Feb 2004 23:14:09 -0500 To: "'Richard M. Smith'" <rms () computerbytesman com>, <full-disclosure () lists netsys com> Subject: RE: [Full-disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Apparently there are 7 upcoming advisories, and the oldest one is 93 days old. Link: http://www.eeye.com/html/Research/Upcoming/index.html -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Richard M. Smith Sent: Tuesday, February 10, 2004 9:41 PM To: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Hi Marc,Date Reported: July 25, 2003Given that it took Microsoft almost 6 months to fix this problem, I'm wondering how many other Eeye security holes are in the queue that Microsoft is currently working on. Enquiring minds would like to know! ;-) Richard _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption, (continued)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Papp Geza (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Richard M. Smith (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Byron Copeland (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Les Ault (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Byron Copeland (Feb 10)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Benjamin Meade (Feb 10)
- Microsoft credit policy (was: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption) Spiro Trikaliotis (Feb 11)
- Re: Microsoft credit policy (was: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption) CHS (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption J. Theriault (Feb 10)
- RE: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Scott Taylor (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library LengthOverflow Heap Corruption Tim Kowalsky (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Damian Gerow (Feb 10)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Joao Gouveia (Feb 11)
- Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption jeremy (Feb 11)