Interesting People mailing list archives
more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake
From: David Farber <dave () farber net>
Date: Fri, 13 Jan 2006 18:59:45 -0500
Begin forwarded message: From: security curmudgeon <jericho () attrition org> Date: January 13, 2006 6:27:51 PM EST To: David Farber <dave () farber net> Cc: ip () v2 listbox comSubject: Re: [IP] Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake
As Randal Schwartz points out, this vulnerability affects WINE. If itaffects an opensource project that is based off Windows API documentation,
and not Microsoft code .. it seems very unlikely this is an intentional backdoor. WINE info: http://www.winehq.com/ H D Moore discovers WINE is vulnerable: http://archives.neohapsis.com/archives/dailydave/2006-q1/0021.html Gentoo confirms WINE is vulnerable: http://www.gentoo.org/security/en/glsa/glsa-200601-09.xml From: Randal L. Schwartz <merlyn () stonehenge com> To: Morning Wood <se_cur_ity () hotmail com> Cc: full-disclosure () lists grok org uk Date: 13 Jan 2006 14:31:06 -0800 Subject: Re: [Full-disclosure] Steve Gibson smokes crack?
"Morning" == Morning Wood <se_cur_ity () hotmail com> writes:
Morning> http://aolradio.podcast.aol.com/sn/SN-022.mp3 Morning> claiming SetAbortProc() was a purpose placed backdoor... I've heard that WINE suffers from the same exploit. How could it be a microsoft "conspiracy" if WINE (implemented from API docs) does the same thing? --Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn () stonehenge com> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake David Farber (Jan 13)
- <Possible follow-ups>
- more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake David Farber (Jan 13)