Bugtraq: Re: Windows doesn't verify digital signature of CRL files

Nmap Security Scanner

Intro

Docs
Security Lists

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Windows doesn't verify digital signature of CRL files

From: Valdis.Kletnieks () vt edu
Date: Tue, 10 Aug 2004 14:07:23 -0400

On Tue, 10 Aug 2004 07:32:40 -0000, Thomas Walpuski said:

Sane use of CertGetCRLFromStore makes sure only ....


Yes.. and sane checking of subscripts prevents buffer overflows.

What's wrong with this picture? :)

Attachment: _bin
Description:

Current thread:

Re: Windows doesn't verify digital signature of CRL files, (continued)
- Re: Windows doesn't verify digital signature of CRL files Thomas Walpuski (Aug 10)
  - Re: Windows doesn't verify digital signature of CRL files Neil Gierman (Aug 10)
    - Re: Windows doesn't verify digital signature of CRL files Jack Lloyd (Aug 10)
    - Re: Windows doesn't verify digital signature of CRL files Thomas Walpuski (Aug 11)
    - Re: Windows doesn't verify digital signature of CRL files Thomas Walpuski (Aug 10)
  - Re: Windows doesn't verify digital signature of CRL files Valdis . Kletnieks (Aug 10)
- Windows doesn't verify digital signature of CRL files Michael Howard (Aug 11)