Full Disclosure mailing list archives
Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory
From: Blue Boar <BlueBoar () thievco com>
Date: Tue, 28 Aug 2007 15:49:31 -0700
I remember people being all paranoid about the DMCA. They were worried security researchers would be sued for trying to release vulnerability information. But since that turned out to be unfounded, I guess we don't have to worry about the German thing. ;) BB Kevin Finisterre (lists) wrote:
Would you have honestly provided *MORE* detail prior to the law being in effect? Doesn't the law refer to things that are intended to be used for illegal activity? I don't recall the advisories being any more verbose pre law.... Thanks. -KF On Aug 27, 2007, at 4:41 PM, Sergio Alvarez wrote:Hi 3APA3A, It was a mistake in the advisory, It should say: "Integer cast around in UPX packed files parsing" I ask for apologies for the mistake. Unfortunately we can't give more details about the vulnerability because the German Law (ยง202) Cheers, Sergio _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory security (Aug 24)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory 3APA3A (Aug 27)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Sergio Alvarez (Aug 28)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Kevin Finisterre (lists) (Aug 28)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Blue Boar (Aug 28)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Kevin Finisterre (lists) (Aug 28)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Simon Smith (Aug 29)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Valdis . Kletnieks (Aug 29)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Sergio Alvarez (Aug 28)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory 3APA3A (Aug 27)
- Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory Lisa Thalheim (Aug 29)