Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: [ GLSA 200601-09 ] Wine: Windows MetafileSETABORTPROC vulnerability
From: bkfsec <bkfsec () sdf lonestar org>
Date: Fri, 13 Jan 2006 15:30:28 -0500

Todd Towles wrote:


Austin wrote:
Can anyone else verify Steve Gibson's assertion that this flaw was intentionally placed by Microsoft programmers?

Better yet, can anyone else verify what he is taking or mixing?

The way I read what he's saying there, he's saying that you enter malformed input and that malformed input pushes the executable code into position to be executed... and as such, because it would be nuts to allow odd malformed input to push code into a position to be executed, it MUST be intentional.

Hey, I am a Free Software advocate... I'd love to jump on Microsoft if I could. I can, in all honesty, say that the way that the WMF file format is setup is a bit nuts from a security standpoint. However, if his standard for what makes a vulnerability an intentional backdoor is the fact that such malformed data can be entered, then by that standard every single buffer overflow, stack overflow, etc... would have to be intentional, under that standard. As much as I'd like to jump on Microsoft, I don't think that a sane person can agree with such a ludicrous statement. Now, if there are other reasons to believe that this is intentional, well I'd listen regarding it. However, what I read in the provided link doesn't bring me to the conclusion that the flaw was intentional, but rather that Steve Gibson is a bit wacko.

Sure, I'm sure that one could make an argument that some acceptances of malformed input are intentional backdoors, but not simply by showing that there's poor design in the software. That's not enough at all - and neither is speculation.

               -bkfsec


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]