[26579] in bugtraq
Re: White paper: Exploiting the Win32 API.
daemon@ATHENA.MIT.EDU (slack3r)
Wed Aug 7 14:42:04 2002
Date: Wed, 7 Aug 2002 11:13:29 -0500
From: slack3r <slack3r@boy-genius.net>
To: Bugtraq <bugtraq@securityfocus.com>
Message-Id: <20020807111329.16e84a77.slack3r@boy-genius.net>
In-Reply-To: <20020807133813.31892.qmail@web13304.mail.yahoo.com>
Bugtraq,

I've been following this posting on the exploitation of the Win32 API
with interest. I think that Chris was correct in saying the following
from his original posting:

> 5) This is not a bug. This is a new class of vulnerabilities, like a
> buffer overflow attack or a format string attack. As such, there is
> no specific vendor to inform, since it affects every software maker
> who writes products for the Windows platform. A co-ordinated release
> with every software vendor on the planet is impossible.

I think the point has been made that there are ways to fix this problem,
but the point is, this is a very real way of exploiting poorly written
applications. It's no different than exploiting, as he said, a buffer
overflow or a format string vulnerability, examples of which abound
throughout the Internet. Though there may be a way to prevent these
vulnerabilities, the same could be said for, say, a buffer overflow, and
yet they're found all over the place. I think Chris has a valid point in
bringing this forward, and it's something that every Win32 programmer
should take into account while trying to write secure applications.
This is a topic that needed to be addressed.

-Bryan

P.S. I think it'd be interesting to see how many (if any) Microsoft
programs are affected by this type of vulnerability, even though they
"have known about these vulnerabilities for some time".