Text 5302, 367 rader
Skriven 2005-06-22 16:41:52 av Rich (1:379/45)
Kommentar till text 5296 av Mike '/m' (1:379/45)
Ärende: Re: Microsoft meets the hackers
=======================================
From: "Rich" <@>
This is a multi-part message in MIME format.
------=_NextPart_000_0265_01C57749.4AEAFFC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
You are pretty clear that you believe only what you want to believe.
Rich
"Mike '/m'" <mike@barkto.com> wrote in message =
news:egnjb19bg13ail2588m87un2r08b9j7ke5@4ax.com...
All I am asking is whether I can believe what that Microsoft security
bulletin says. =20
/m
On Tue, 21 Jun 2005 15:20:32 -0700, "Rich" <@> wrote:
> You aren't saying much of anything except your typical propaganda. =
What do you hope to gain by making claims regarding something about =
which you know something to someone who actually does know something? = Is
this how you try to feel better about yourself?
>
>Rich
>
> "Mike '/m'" <mike@barkto.com> wrote in message =
news:081hb1hkkat3tf0s5fk5be6d09sbju0bf6@4ax.com...
>
> Once again, I am not saying anything about what the reporter =
claimed.
>
> The Microsoft security bulletin states, "There is an unchecked =
buffer".
> http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx
>
> Are you saying that the person who wrote that security bulletin
> published incorrect information about the security problem, and =
left it
> in place even after a revision of the bulletin?
>
>
> /m
>
>
>
> On Mon, 20 Jun 2005 21:05:07 -0700, "Rich" <@> wrote:
>
> > And this is what the reporter claimed. Maybe you would not =
report what was reported to you. We likely will never know. All we = know
today is that you are willing to make all sorts of claims about = something you
know nothing about trying to refute the statements of = someone with very good
knowledge of the issue. It's not like you will = be any less clueless by
repeating yourself over and over. Is this how = you feel better about
yourself?
> >
> >Rich
> >
> > "Mike '/m'" <mike@barkto.com> wrote in message =
news:buveb1lm4bkds04ndd83g288f8ti81v4dc@4ax.com...
> >
> > I am not talking about what the reporter wrote, I am talking =
about what
> > the Microsoft security bulletin says in the Technical Details =
section.
> >
> > =3D=3D=3D
> > The first vulnerability is a buffer overrun vulnerability. There =
is an
> > unchecked buffer in one of the components that handle NOTIFY =
directives
> > - messages that advertise the availability of UPnP-capable =
devices on
> > the network. By sending a specially malformed NOTIFY directive, =
it would
> > be possible for an attacker to cause code to run in the context =
of the
> > UPnP subsystem, which runs with System privileges on Windows XP. =
(On
> > Windows 98 and Windows ME, all code executes as part of the =
operating
> > system). This would enable the attacker to gain complete control =
over
> > the system.
> > =3D=3D=3D
> >
> > "There is an unchecked buffer". Man, that sounds rather =
specific to
> > me.=20
> >
> > /m
> >
> >
> >
> >
> >
> > On Mon, 20 Jun 2005 19:44:07 -0700, "Rich" <@> wrote:
> >
> > > That and of course that bulletins rarely if ever mention =
this level of detail. Unchecked buffers are one of the few exceptions = and
that I already explained. The reporter claimed he could overflow a = buffer
though did not, and has not since that I can see, given any = evidence of this.
My speculation is that better err on the side of = caution.
> > >
> > >Rich
> > >
> > > "Rich" <@> wrote in message news:42b77b11$1@w3.nls.net...
> > > Not odd. I didn't analyze it until after I saw the public =
bulletin release and what the reporter claims in his PR was the scenario = that
generated overflows. I don't believe the reporter understands what = he saw or
if he did he kept that out of his PR and anything else I could = find, public
or private, on the topic. Unlike the reporter, I don't = issue press releases
or call reporters with what I find even if it could = be embarrassing to him.
But then I don't have a financial interest in = putting others at risk just to
try to make myself look good.
> > >
> > > Rich
> > >
> > > "Mike '/m'" <mike@barkto.com> wrote in message =
news:15seb1pu019glla3ph9mnje9h2rogh4mnh@4ax.com...
> > > Oddly, I see no mention of a race condition in the official =
Microsoft
> > > security bulletin that was originally posted on December =
20, 2001 and=20
> > > updated on May 09, 2003
> > > =
http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx
> > >
> > > /m
> > >
> > >
> > > On Mon, 20 Jun 2005 08:00:02 -0700, "Rich" <@> wrote:
> > >
> > > > A race condition.
> > > >
> > > >Rich
> > > >
> > > > "Geo" <georger@nls.net> wrote in message =
news:42b699ed$2@w3.nls.net...
> > > > Well what was it then?
> > > >
> > > > Geo.
> > > > "Rich" <@> wrote in message =
news:42b5feb2@w3.nls.net...
> > > > It is not a buffer overflow. It is not a buffer =
overrun. Neither.
> > > >
> > > > Rich
------=_NextPart_000_0265_01C57749.4AEAFFC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2668" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2> You are pretty clear that =
you believe=20
only what you want to believe.</FONT></DIV><FONT face=3DArial size=3D2>
<DIV><BR>Rich</DIV>
<DIV></FONT> </DIV>
<BLOCKQUOTE=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Mike '/m'" <<A =
href=3D"mailto:mike@barkto.com">mike@barkto.com</A>>=20
wrote in message <A=20
=
href=3D"news:egnjb19bg13ail2588m87un2r08b9j7ke5@4ax.com">news:egnjb19bg13=
ail2588m87un2r08b9j7ke5@4ax.com</A>...</DIV><BR>All=20
I am asking is whether I can believe what that Microsoft =
security<BR>bulletin=20
says. <BR><BR> /m<BR><BR><BR>On Tue, 21 Jun 2005 15:20:32 =
-0700,=20
"Rich" <@> wrote:<BR><BR>> You aren't saying much =
of=20
anything except your typical propaganda. What do you hope to =
gain by=20
making claims regarding something about which you know something to =
someone=20
who actually does know something? Is this how you try to feel =
better=20
about yourself?<BR>><BR>>Rich<BR>><BR>> "Mike '/m'" =
<<A=20
href=3D"mailto:mike@barkto.com">mike@barkto.com</A>> wrote in =
message <A=20
=
href=3D"news:081hb1hkkat3tf0s5fk5be6d09sbju0bf6@4ax.com">news:081hb1hkkat=
3tf0s5fk5be6d09sbju0bf6@4ax.com</A>...<BR>><BR>> =20
Once again, I am not saying anything about what the reporter=20
claimed.<BR>><BR>> The Microsoft security bulletin states, =
"There=20
is an unchecked buffer".<BR>> <A=20
=
href=3D"http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx"=
>http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx</A><BR>=
><BR>> =20
Are you saying that the person who wrote that security =
bulletin<BR>> =20
published incorrect information about the security problem, and left=20
it<BR>> in place even after a revision of the=20
bulletin?<BR>><BR>><BR>> =20
/m<BR>><BR>><BR>><BR>> On Mon, 20 Jun 2005 21:05:07 =
-0700,=20
"Rich" <@> wrote:<BR>><BR>> > And =
this is=20
what the reporter claimed. Maybe you would not report what was =
reported=20
to you. We likely will never know. All we know today is =
that you=20
are willing to make all sorts of claims about something you know =
nothing about=20
trying to refute the statements of someone with very good knowledge of =
the=20
issue. It's not like you will be any less clueless by repeating =
yourself=20
over and over. Is this how you feel better about =
yourself?<BR>> =20
><BR>> >Rich<BR>> ><BR>> =
> "Mike=20
'/m'" <<A href=3D"mailto:mike@barkto.com">mike@barkto.com</A>> =
wrote in=20
message <A=20
=
href=3D"news:buveb1lm4bkds04ndd83g288f8ti81v4dc@4ax.com">news:buveb1lm4bk=
ds04ndd83g288f8ti81v4dc@4ax.com</A>...<BR>> =20
><BR>> > I am not talking about what the reporter =
wrote,=20
I am talking about what<BR>> > the Microsoft =
security=20
bulletin says in the Technical Details section.<BR>> =20
><BR>> > =3D=3D=3D<BR>> > The =
first=20
vulnerability is a buffer overrun vulnerability. There is =
an<BR>> =20
> unchecked buffer in one of the components that handle =
NOTIFY=20
directives<BR>> > - messages that advertise the =
availability=20
of UPnP-capable devices on<BR>> > the network. By =
sending a=20
specially malformed NOTIFY directive, it would<BR>> =
> be=20
possible for an attacker to cause code to run in the context of=20
the<BR>> > UPnP subsystem, which runs with System =
privileges=20
on Windows XP. (On<BR>> > Windows 98 and Windows ME, =
all=20
code executes as part of the operating<BR>> > =
system). This=20
would enable the attacker to gain complete control over<BR>> =20
> the system.<BR>> > =
=3D=3D=3D<BR>> =20
><BR>> > "There is an unchecked =
buffer". Man,=20
that sounds rather specific to<BR>> > me. =
<BR>> =20
><BR>> > /m<BR>> =
><BR>> =20
><BR>> ><BR>> ><BR>> =
><BR>> =20
> On Mon, 20 Jun 2005 19:44:07 -0700, "Rich" <@>=20
wrote:<BR>> ><BR>> > > =
That and=20
of course that bulletins rarely if ever mention this level of =
detail. =20
Unchecked buffers are one of the few exceptions and that I already=20
explained. The reporter claimed he could overflow a buffer =
though did=20
not, and has not since that I can see, given any evidence of =
this. My=20
speculation is that better err on the side of caution.<BR>> =20
> ><BR>> > >Rich<BR>> =
> =20
><BR>> > > "Rich" <@> wrote in =
message <A=20
=
href=3D"news:42b77b11$1@w3.nls.net">news:42b77b11$1@w3.nls.net</A>...<BR>=
> =20
> > Not odd. I didn't =
analyze it=20
until after I saw the public bulletin release and what the reporter =
claims in=20
his PR was the scenario that generated overflows. I don't =
believe the=20
reporter understands what he saw or if he did he kept that out of his =
PR and=20
anything else I could find, public or private, on the topic. =
Unlike the=20
reporter, I don't issue press releases or call reporters with what I =
find even=20
if it could be embarrassing to him. But then I don't have a =
financial=20
interest in putting others at risk just to try to make myself look=20
good.<BR>> > ><BR>> > =
> =20
Rich<BR>> > ><BR>> > =20
> "Mike '/m'" <<A=20
href=3D"mailto:mike@barkto.com">mike@barkto.com</A>> wrote in =
message <A=20
=
href=3D"news:15seb1pu019glla3ph9mnje9h2rogh4mnh@4ax.com">news:15seb1pu019=
glla3ph9mnje9h2rogh4mnh@4ax.com</A>...<BR>> =20
> > Oddly, I see no mention of a race =
condition=20
in the official Microsoft<BR>> > =
> =20
security bulletin that was originally posted on December 20, 2001 and=20
<BR>> > > updated on May 09,=20
2003<BR>> > > <A=20
=
href=3D"http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx"=
>http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx</A><BR>=
> =20
> ><BR>> > > =20
/m<BR>> > ><BR>> > =
><BR>> =20
> > On Mon, 20 Jun 2005 08:00:02 -0700, =
"Rich"=20
<@> wrote:<BR>> > ><BR>> =
> =20
> > A race =
condition.<BR>> =20
> > ><BR>> > =20
> >Rich<BR>> > =20
> ><BR>> > =
> =20
> "Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42b699ed$2@w3.nls.net">news:42b699ed$2@w3.nls.net</A>...<BR>=
> =20
> > > Well what was it=20
then?<BR>> > > =
><BR>> =20
> > > Geo.<BR>> =
> =20
> > "Rich" <@> wrote =
in=20
message <A=20
=
href=3D"news:42b5feb2@w3.nls.net">news:42b5feb2@w3.nls.net</A>...<BR>>=
=20
> > =
> It=20
is not a buffer overflow. It is not a buffer overrun. =20
Neither.<BR>> > > =
><BR>> =20
> > > =20
Rich<BR></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0265_01C57749.4AEAFFC0--
--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
|