Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Breaking The SetDllDirectory Protection Against Binary Planting
From: "ACROS Security Lists" <lists () acros si>
Date: Wed, 27 Oct 2010 16:25:52 +0200

An old unfixed Windows functional bug was just upgraded to a security bug. Our
researchers have discovered that Windows' inability to consistently expand
environment variables in user and system PATH breaks the binary planting protection
provided by the SetDllDirectory function. The article describes how already fixed
iTunes and Safari - both using SetDllDirectory - can again be successfully
binary-planted due to this bug. This time it's not Apple's fault.


Pleasant reading,

Mitja Kolsek

ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • Breaking The SetDllDirectory Protection Against Binary Planting ACROS Security Lists (Oct 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]