BugTraq
Re: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption Feb 12 2004 07:22PM
Steve Friedl (steve unixwiz net)
On Wed, Feb 11, 2004 at 10:10:32AM +0100, Rainer Gerhards wrote:
> As someone else pointed out, there is also a potential large multitude
> of third party apps which rely on the Microsoft lib. This alone is a
> good indication an update is needed.

I wrote a small dependency-checker, and on my win2000 system it showed
that 232 DLLs depended directly or indirectly on the MSASN1.DLL. It's a
pretty wide range of programs that have this in their address space.

It's a lot harder to find which programs actually *use* it, but checking
Process Explorer shows quite a few applications that have it loaded:

Quicken 2003
Yahoo! IM
AOL IM
SecureCRT
Adobe Acrobat
MusicMatch Jukebox
Turbo Tax 2003
JASC PaintShop Pro
Altova XML Spy

NOTE: this does NOT mean that these applications are vulnerable to
anything (even "potentially"). But it suggests a lot of places to
look for stuff.

> But I think the bottom line of all this is if a box is listening to 135,
> 139 OR 445, it is vulnerable. And workstations by default listen to these
> ports.

Kerberos is a prime suspect too: 88/tcp and 88/udp.

Steve

--
Stephen J Friedl | Software Consultant | Tustin, CA | +1 714 544-6561
www.unixwiz.net | I speak for me only | KA8CMY | steve (at) unixwiz (dot) net
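
An added example, not the dependency-checker mentioned in the post and not part of the original message: one way to find which modules depend "directly or indirectly" on a given DLL, by reading each PE file's import directory and walking the import graph backwards. The names `pe_imports`, `dependents` and the `SAMPLE` map with its hypothetical module names are assumptions; only static imports are read, so delay-loaded or `LoadLibrary` use is not seen.

```python
import struct
from collections import deque

def pe_imports(data: bytes) -> set:
    """Lower-cased DLL names in a PE image's static import directory."""
    u16 = lambda o: struct.unpack_from("<H", data, o)[0]
    u32 = lambda o: struct.unpack_from("<I", data, o)[0]
    if len(data) < 0x40 or data[:2] != b"MZ":
        return set()
    pe = u32(0x3C)                                   # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        return set()
    opt = pe + 24                                    # optional header
    dirs = opt + (112 if u16(opt) == 0x20B else 96)  # PE32+ or PE32
    first = opt + u16(pe + 20)                       # section table
    sects = [struct.unpack_from("<IIII", data, first + 40 * i + 8)
             for i in range(u16(pe + 6))]            # vsize, va, rawsize, rawptr
    def off(rva):                                    # RVA -> file offset
        for vsize, va, rawsize, rawptr in sects:
            if va <= rva < va + max(vsize, rawsize):
                return rva - va + rawptr
        raise ValueError("RVA outside every section")
    names, rva = set(), u32(dirs + 8)                # directory 1 = imports
    d = off(rva) if rva else None
    while d is not None and u32(d + 12):             # Name RVA 0 ends table
        s = off(u32(d + 12))
        names.add(data[s:data.index(b"\0", s)].decode("ascii").lower())
        d += 20                                      # next descriptor
    return names

def dependents(imports: dict, target: str) -> dict:
    """Modules that reach target, mapped to depth (1 = direct import)."""
    target, rev = target.lower(), {}
    for mod, deps in imports.items():
        for dep in deps:
            rev.setdefault(dep.lower(), set()).add(mod.lower())
    depth, queue = {}, deque([(target, 0)])
    while queue:                                     # BFS over reversed edges
        name, n = queue.popleft()
        for parent in rev.get(name, ()):
            if parent != target and parent not in depth:
                depth[parent] = n + 1
                queue.append((parent, n + 1))
    return depth

# Constructed import map with hypothetical module names, not measured data.
SAMPLE = {"certhelper.dll": {"MSASN1.dll"}, "netlib.dll": {"certhelper.dll"},
          "app.exe": {"netlib.dll", "user32.dll"}, "user32.dll": {"kernel32.dll"}}
print(dependents(SAMPLE, "MSASN1.DLL"))
```

To use it on a real system, build the map by calling `pe_imports` on the bytes of each `.dll` and `.exe` of interest, keyed by file name, then pass it to `dependents`.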
