<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Question on CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats?

Question on CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats?

From: James Connery <james.j.connery_at_gmail.com>
Date: Tue, 18 Mar 2008 18:37:45 -0700

Hello all,

I am a bit of a confused with recent CERT advisory on archive formats.

URL: https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

In the advisory it is clearly stated that e.g. Microsoft and Apple are
not vulnerable. However after downloading the tool from PROTOS and
trying to open some of the archives on my Windows box (WinXP, latest
patches and everything) - it in lack of a better word - melts down to
the point of becoming completely unusable. I then tried these with
Apple; and again - similar results.

So I'm bit of a confused here... Can someone confirm what I am
seeing=?

PROTOS is available from below URL to try out...

URL: http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

Cheers,

James
Received on Mar 19 2008

This message: [ Message body ]
Next message: security-alert_at_hp.com: "HPSBST02321 SSRT080029 rev.1 - HP StorageWorks Library and Tape Tools (LTT) Running on HP-UX, Local Unauthorized Access"
Previous message: Asterisk Security Team: "AST-2008-002: Two buffer overflows in RTP Codec Payload Handling"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]