It seems I have already been hit by a virus mail that used this kind of vulnerability. I didn't think much of it at the time.
--
=====END=====

On 2008-09-17, "大风" <[EMAIL PROTECTED]> wrote:
> It should be very hard to exploit, or it would need to be combined with particular environments.
>
> However, 08-052 is a collection of many vulnerabilities, and I don't know whether any of them is exploitable.
>
> That said, wild exploits known only through rumor are usually fake, or subject to certain constraints, or unstable.
>
> [Ph4nt0m]
> [Ph4nt0m Security Team]
> [EMAIL PROTECTED]
> Email: [EMAIL PROTECTED]
> PingMe:
> === Ultimate Hacking ===
> === XPLOITZ ! ===
> === #_# ===
> #If you brave,there is nothing you cannot achieve.#
>
> -----Original Message-----
> From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Cmdhz
> Sent: September 17, 2008 11:12
> To: Ph4nt0m
> Subject: [Ph4nt0m] A question about the ms08-052 vulnerability!
>
> I recently looked at the ms08-052 vulnerability. Qihoo gave it a sensational headline: "Qihoo 360 claims to have discovered the biggest security vulnerability in Microsoft's history".
>
> However, research by a security organization claims that this vulnerability cannot be exploited:
>
> The integer overflow can be triggered via a WMF file containing a specially crafted
> PolyPolygon record that specifies an overly large number of points. Attacker-controlled
> data will be written past the end of an under-sized heap buffer, ultimately triggering
> an access violation that will be handled by an exception handler.
>
> The data written beyond the end of the allocated buffer is influenced by the attacker,
> but only the lower 16-bits of each 32-bit word can be controlled and the upper bits will
> be either all zeroes or all ones. As the attacker cannot specify a usable address, it
> appears unlikely that code execution would be possible, however, it cannot be completely
> ruled out.
>
> There are actually quite a few cases that were claimed to be unexploitable and were successfully exploited in the end. I wonder whether this will be another slap in the face?
>
> So I would like to ask everyone to discuss whether it can be exploited.
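The bug class the quoted advisory describes, shown beside a checked version, as an added C example (not code from this thread or from GDI+). The types, function names, and the assumption that the overflow sits in a count-times-size multiplication with sign-extended 16-bit points are illustrative only.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical types for illustration; not the real GDI+ structures. */
typedef struct { int16_t x, y; } pt16_t;  /* point as stored in the record */
typedef struct { int32_t x, y; } pt32_t;  /* point as widened in memory   */

/* Unchecked pattern: the byte size is computed in 32 bits and can wrap,
 * so a huge point count yields a tiny allocation size. */
uint32_t unchecked_alloc_size(uint32_t n_points) {
    return n_points * (uint32_t)sizeof(pt32_t);
}

/* Checked pattern: reject counts the record cannot actually contain,
 * then reject counts whose byte size would not fit in size_t. */
int checked_alloc_size(uint32_t n_points, size_t record_bytes, size_t *out) {
    if (n_points == 0 || n_points > record_bytes / sizeof(pt16_t))
        return -1;                       /* count exceeds the data supplied */
    if (n_points > SIZE_MAX / sizeof(pt32_t))
        return -1;                       /* multiplication would overflow   */
    *out = (size_t)n_points * sizeof(pt32_t);
    return 0;
}

/* Widen 16-bit points to 32-bit points using the checked size.
 * Returns NULL if the count is rejected or allocation fails. */
pt32_t *widen_points(const pt16_t *src, uint32_t n_points, size_t record_bytes) {
    size_t bytes;
    if (checked_alloc_size(n_points, record_bytes, &bytes) != 0)
        return NULL;
    pt32_t *dst = malloc(bytes);
    if (dst == NULL)
        return NULL;
    for (uint32_t i = 0; i < n_points; i++) {
        dst[i].x = src[i].x;             /* implicit sign extension */
        dst[i].y = src[i].y;
    }
    return dst;
}

/* Upper 16 bits of a sign-extended value: always 0x0000 or 0xFFFF, which
 * is why each written 32-bit word is only half-controlled by the file. */
uint32_t upper_half(int16_t v) {
    return ((uint32_t)(int32_t)v) >> 16;
}
```
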

