  Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA
| New ASN.1 vulnerabilities in Windows
Just released from the smart guys at eEye Digital Security which now includes my little brother Mikey:
Microsoft ASN.1 Library Length Overflow Heap Corruption
Microsoft ASN.1 Library Bit String Heap Corruption
Both allow remote code execution - this is gonna be fun.
Steve -- Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|
  china crisis
join:2003-05-28 | Windows update patch available today for this vulnerability. |
|
  Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA
| said by china crisis : Windows update patch available today for this vulnerability.
Ah, we're all going to be safe then 
I wonder when the first exploit for this will be released - gotta find a way to capture one....
Steve -- Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|
  Skipdawg The Original Premium,ExMod 2001-03 join:2001-04-19 The Void
·surpasshosting
| reply to china crisis MS sure updates Windows update oddly nowadays. I show a critical update for XP Home but not for XP Pro. Both SP1.
The affected file Msasn1.dll mentioned with this ASN.1 Vulnerability was found on both my PCs as version 5.1.2600.0 dated 08-29-02 and 50 KB in size. The update on the XP Home PC changes it to version 5.1.2600.1274 dated 09-19-03 and 51 KB in size.
Thanks guys  -- Proud US Navy Veteran! |
|
  sig Premium join:2001-05-05 | reply to Steve AP article on this also: »www.lasvegassun.com/sunbin/stori···177.html |
|
 qrkx Premium join:2003-04-26 Montreal, QC
| reply to Steve Bah...Probably been out there for a while...
"Marc Maiffret, co-founder of eEye Digital Security, the company that discovered the flaw, criticized Microsoft for taking more than six months to come up with a patch to fix the problem, particularly since the flaw allows an attacker multiple ways to break into a system and could do almost anything they wanted to the system. "
"We contacted Microsoft about these vulnerabilities 200 days ago, which is insane," he said. "Even the most secure Windows networks are going to be vulnerable to this flaw, which is very unique."
Now that it's public, those aware of it in the past or just being made aware of it will surely code a worm. I remember Code Red shortly followed an eEye advisory back in 2001...
But 200 days to release a patch just because it's not in the wild (published)??? Yikes. Trustworthy Computing at its best! Hail Security through obscurity... Even those against full disclosure must be freakin' out!
rgds. |
|
  Sarick It's Only Logical Premium join:2003-06-03 USA
·FrontierNet Intern..
| reply to Steve
 The new Gates M$ logo.. |
There has to be a way to break Microsoft's ability to break Microsoft's cloak of protection.
So many exploits so few lawsuits. It's the OS allowing 90% or more of these people to be infected and hacked. -- Sarick's Dungeon Clipart Page Trouble spelling? www.iespell.com |
|
  linicx Caveat Emptor Premium join:2002-12-03 United State
·CenturyLink
| There is not. Be careful what you ask for. Bubba has a bad habit of giving people that annoy him a one-way ticket and a bumpy ride
If my memory serves me somewhat correctly these days, none of this would have been possible before A) VBS was released, or before B) XP was released with root access enabled by default. Both were items the security community warned Bill Gates about before he did it.
So maybe if root access is secure by default, and maybe if MS email is no longer coded in VBS, and maybe if no attachments, URLs or HTML are allowed in email, then maybe we can have a more pleasant computing experience for a while. Maybe - but I wouldn't bet the farm on that miracle yet. -- Be careful what you ask for - you just might get it. |
|
  catseyenu Ack Pfft Premium join:2001-11-17 Fix East
| reply to Skipdawg Re: New ASN.1 vulnerabilities in Windows
Hit WU when the alert from Bugtraq hit my box, saw it and thought I'd wait a bit. Came back to WU after the Cert Alert hit and it was no longer showing. A refresh of the page and it popped back up. I think it was so fresh all the servers didn't have it loaded yet. If you think this one is scary wait till you see what else they have been sitting on.  |
|
  bButt
@nwherald.com
| reply to Steve Here's Trustworthy Computing for you:
-----------------------
Date Reported: July 25, 2003
Release Date: February 10, 2004
-----------------------
Date Reported: September 25, 2003
Release Date: February 10, 2004
-----------------------
Can anyone recommend a good dictionary for me? Mine seems to be outdated, since I have the definition of "trustworthy" as:
(Adjective) Taking responsibility for one's conduct and obligations
I can't wait for the next worm; it ought to be fun. Of course, it will be 100% the users' fault again. |
|
  gkweb
join:2003-06-09 76800 1 edit | reply to Steve I didn't find how this could be used remotely? I don't see anything in common with the remote RPC DCOM vulnerability, for example. Will this be used by worms, or is it only a local exploit? |
|
  Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA
| said by gkweb : I didn't find how this could be used remotely?
Kerberos and SSL come to mind. -- Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|
  Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA
| reply to Steve eEye's Retina network scanning tool will detect this vulnerability - does anybody out there have any tcpdump traces of what it's probing for?
Steve -- Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|
  gkweb
join:2003-06-09 76800
| reply to Steve said by Steve : said by gkweb : I didn't find how this could be used remotely?
Kerberos and SSL come to mind.
So are home users safe?
I am just trying to imagine if a worm like MSblast can use this vulnerability or not. |
|
  Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA
| said by gkweb : So are home users safe?
It's too early to tell - we're just guessing at plausible infection vectors - but I think "if you're patched, you're safe".
Steve -- Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|