Hosting Provided By

Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory

From: Sergio Alvarez <sergio.alvarez(at)nruns.com>
Date: Mon Sep 03 2007 - 07:39:40 EDT

Hi all,

Just want to let you know that Sophos has updated their advisory:

http://www.sophos.com/support/knowledgebase/article/28407.html

To make things a bit more clear, it's a one byte overwrite in an arbitrary location caused by an integer handling issue while parsing the UPX file format.

The advisory at http://www.nruns.com/security_advisory.php will be updated soon.

Cheers,
Sergio Received on Mon Sep 3 12:35:20 2007

This message: [ Message body ]
Next message: Jan Münther: "Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory"
Previous message: Omid: "Multiple vulnerabilities in Joomla 1.5 RC 1"
In reply to: 3APA3A: "Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory"
Next in thread: Jan Münther: "Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory"
Reply: Jan Münther: "Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:14:21 EDT