Full Disclosure mailing list archives

Re: RE: Unchecked buffer in mstask.dll


From: "Curt Purdy" <purdy () tecman com>
Date: Thu, 15 Jul 2004 15:09:30 -0500

Nick FitzGerald wrote:
I'd say that's because you changed the filetype; pif files simply
contain information on how to handle a DOS executable; they aren't a
program themselves. All you did was make it get confused and kill
itself.

Yeah, but how long is it now since we've been telling programmers
"don't trust user-supplied data"??  (Hmmmm -- does it also fail on
W2K3??)

No, in W2K3 you get "Cannot query the properties for this program. There may
not be enough memory available. blah blah" as opposed to 100% cpu in 2K.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

