[33767] in bugtraq
Re: ISS Security Rip: Microsoft ASN.1 (Half a sploit)
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Feb 17 12:30:59 2004
Message-Id: <200402152301.i1FN1pJN027754@turing-police.cc.vt.edu>
To: kradhatman@hushmail.com
Cc: bugtraq@securityfocus.com
In-Reply-To: Your message of "Fri, 13 Feb 2004 15:15:34 PST."
<200402132315.i1DNFYAa067379@mailserver1.hushmail.com>
From: Valdis.Kletnieks@vt.edu
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_847137258P";
micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Sun, 15 Feb 2004 18:01:50 -0500
--==_Exmh_847137258P
Content-Type: text/plain; charset=us-ascii
On Fri, 13 Feb 2004 15:15:34 PST, kradhatman@hushmail.com said:
> "Due to the nature of this vulnerability, reliable and successful remote
> exploitation is considered difficult."
>
> funny little men. there already a half working exploit for ASN.
OK.. So it's a bit tougher to exploit than 'rlogin -froot'. ;)
Though I remember encountering a few who had problems with THAT one. ;)
--==_Exmh_847137258P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFAL/pecC3lWbTT17ARAgF6AJ975KSgN5o8wtVmWA05lpAP2l/apgCgkn8H
WdP+4Jl8aJUvJmLbeclZx8A=
=l6BA
-----END PGP SIGNATURE-----
--==_Exmh_847137258P--
