Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability
From: Joe Stewart <jstewart () lurhq com>
Date: Wed, 13 Oct 2004 11:12:51 -0400

A few things I've noticed with this advisory: eEye states that the 
vulnerability is an overflow in dunzip32.dll and that MS04-034 fixes 
it. However, from what I've seen MS04-034 only patches zipfldr.dll. 
Further, MS04-034 claims that Windows ME is not vulnerable, while eEye 
says it is. Also, eEye says that the dunzip32.dll overflow is an issue 
for XP, yet I am unable to find dunzip32.dll on a stock XP SP1 system. 
Is it possible that the eEye release and the MS04-034 bulletin are 
talking about two separate issues?


Joe Stewart, GCIH 
Senior Security Researcher
LURHQ http://www.lurhq.com/

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]