Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory

Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory

From: 3APA3A <3APA3A_at_SECURITY.NNOV.RU>
Date: Mon, 27 Aug 2007 20:33:56 +0400

Dear security_at_nruns.com,

Either Subject "UPX parsing Arbitrary CodeExecution" or vulnerability
description "Infinite Loop in UPX packed files parsing" are wrong. Can
you provide more detailed information please? It's not clear, how
infinite loop can lead to remote code execution.

--Friday, August 24, 2007, 11:15:01 PM, you wrote to bugtraq_at_securityfocus.com:

snc> Description:

snc> A remotely exploitable vulnerability has been found in the file parsing
snc> engine.

snc> In detail, the following flaw was determined:

snc> - Infinite Loop in UPX packed files parsing

snc> Impact:

snc> This problem can lead to remote denial of service or arbitrary code
snc> execution if an attacker carefully crafts a file that exploits the
snc> aforementioned vulnerability. The vulnerability is present in Sophos
snc> Anti-virus software listed above on all platforms supported by the affected
snc> products prior to the engine Version 2.48.0. 

-- 
~/ZARAZA http://securityvulns.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Aug 27 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]