Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft Windows TCP/IP Timestamps Code Execution Vulnerability
From: Valdis.Kletnieks () vt edu
Date: Fri, 27 Nov 2009 16:04:39 -0500

On Fri, 27 Nov 2009 16:55:13 -0300, Ivan Security said:
Discover the problem by binary difference is quite hard and if it were
achiveable, which files should we compare?. 
                                             I could patch it and then
compare the corresponding binary files.

There you go - if you can get a patch for that one vuln separate from
the pachydermic Patch Tuesday mega-patch, you'll probably find that the fix
only hits 1 or 2 functions, at which point a binary diff and a good
debugging tool should be enough to figure out the rest of the details...

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]