Text 5253, 318 lines
Written 2005-06-21 15:20:32 by Rich (1:379/45)
   Comment on text 5248 by Mike '/m' (1:379/45)
Subject: Re: Microsoft meets the hackers
=======================================
From: "Rich" <@>
   You aren't saying much of anything except your typical propaganda.  What do you hope to gain by making claims regarding something about which you know something to someone who actually does know something?  Is this how you try to feel better about yourself?
Rich
  "Mike '/m'" <mike@barkto.com> wrote in message news:081hb1hkkat3tf0s5fk5be6d09sbju0bf6@4ax.com...
  Once again, I am not saying anything about what the reporter claimed.
  The Microsoft security bulletin states, "There is an unchecked buffer".
  http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx
  Are you saying that the person who wrote that security bulletin
  published incorrect information about the security problem, and left it
  in place even after a revision of the bulletin?
   /m
  On Mon, 20 Jun 2005 21:05:07 -0700, "Rich" <@> wrote:
  >   And this is what the reporter claimed.  Maybe you would not report what was reported to you.  We likely will never know.  All we know today is that you are willing to make all sorts of claims about something you know nothing about trying to refute the statements of someone with very good knowledge of the issue.  It's not like you will be any less clueless by repeating yourself over and over.  Is this how you feel better about yourself?
  >
  >Rich
  >
  >  "Mike '/m'" <mike@barkto.com> wrote in message news:buveb1lm4bkds04ndd83g288f8ti81v4dc@4ax.com...
  >
  >  I am not talking about what the reporter wrote, I am talking about what
  >  the Microsoft security bulletin says in the Technical Details section.
  >
  >  ===
  >  The first vulnerability is a buffer overrun vulnerability. There is an
  >  unchecked buffer in one of the components that handle NOTIFY directives
  >  - messages that advertise the availability of UPnP-capable devices on
  >  the network. By sending a specially malformed NOTIFY directive, it would
  >  be possible for an attacker to cause code to run in the context of the
  >  UPnP subsystem, which runs with System privileges on Windows XP. (On
  >  Windows 98 and Windows ME, all code executes as part of the operating
  >  system). This would enable the attacker to gain complete control over
  >  the system.
  >  ===
  >
  >  "There is an unchecked buffer".   Man, that sounds rather specific to
  >  me.
  >
  >   /m
  >
  >
  >
  >
  >
  >  On Mon, 20 Jun 2005 19:44:07 -0700, "Rich" <@> wrote:
  >
  >  >   That and of course that bulletins rarely if ever mention this level of detail.  Unchecked buffers are one of the few exceptions and that I already explained.  The reporter claimed he could overflow a buffer though did not, and has not since that I can see, given any evidence of this.  My speculation is that better err on the side of caution.
  >  >
  >  >Rich
  >  >
  >  >  "Rich" <@> wrote in message news:42b77b11$1@w3.nls.net...
  >  >     Not odd.  I didn't analyze it until after I saw the public bulletin release and what the reporter claims in his PR was the scenario that generated overflows.  I don't believe the reporter understands what he saw or if he did he kept that out of his PR and anything else I could find, public or private, on the topic.  Unlike the reporter, I don't issue press releases or call reporters with what I find even if it could be embarrassing to him.  But then I don't have a financial interest in putting others at risk just to try to make myself look good.
  >  >
  >  >  Rich
  >  >
  >  >    "Mike '/m'" <mike@barkto.com> wrote in message news:15seb1pu019glla3ph9mnje9h2rogh4mnh@4ax.com...
  >  >    Oddly, I see no mention of a race condition in the official Microsoft
  >  >    security bulletin that was originally posted on December 20, 2001 and
  >  >    updated on May 09, 2003
  >  >    http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx
  >  >
  >  >     /m
  >  >
  >  >
  >  >    On Mon, 20 Jun 2005 08:00:02 -0700, "Rich" <@> wrote:
  >  >
  >  >    >   A race condition.
  >  >    >
  >  >    >Rich
  >  >    >
  >  >    >  "Geo" <georger@nls.net> wrote in message news:42b699ed$2@w3.nls.net...
  >  >    >  Well what was it then?
  >  >    >
  >  >    >  Geo.
  >  >    >    "Rich" <@> wrote in message news:42b5feb2@w3.nls.net...
  >  >    >       It is not a buffer overflow.  It is not a buffer overrun.  Neither.
  >  >    >
  >  >    >    Rich
--- BBBS/NT v4.01 Flag-5
 * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)