Re: Re: [ GLSA 200601-09 ] Wine: Windows Metafile SETABORTPROC vulnerability
From: bkfsec <bkfsec () sdf lonestar org>
Date: Fri, 13 Jan 2006 15:30:28 -0500
Todd Towles wrote:
The way I read what he's saying there, he's saying that you enter
malformed input and that malformed input pushes the executable code into
position to be executed... and as such, because it would be nuts to
allow odd malformed input to push code into a position to be executed,
it MUST be intentional.

Can anyone else verify Steve Gibson's assertion that this
flaw was intentionally placed by Microsoft programmers?

Better yet, can anyone else verify what he is taking or mixing?

Hey, I am a Free Software advocate... I'd love to jump on Microsoft if I
could. I can, in all honesty, say that the way that the WMF file format
is set up is a bit nuts from a security standpoint.

However, if his standard for what makes a vulnerability an intentional
backdoor is the fact that such malformed data can be entered, then by
that standard every single buffer overflow, stack overflow, etc... would
have to be intentional, under that standard. As much as I'd like to
jump on Microsoft, I don't think that a sane person can agree with such
a ludicrous statement. Now, if there are other reasons to believe that
this is intentional, well I'd listen regarding it. However, what I read
in the provided link doesn't bring me to the conclusion that the flaw
was intentional, but rather that Steve Gibson is a bit wacko.

Sure, I'm sure that one could make an argument that some acceptances of
malformed input are intentional backdoors, but not simply by showing
that there's poor design in the software. That's not enough at all -
and neither is speculation.

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/