[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Microsoft VISTA TCP/IP stack buffer overflow

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Microsoft VISTA TCP/IP stack buffer overflow
From: dale@xxxxxxxxxxx
Date: 25 Nov 2008 20:24:24 -0000

So, let me try and understand this.

According to what you have written, and the MSDN documentation on this 
CreateIpForwardEntry2 call, you need to be (at least) a member of the 
Administrators group.

So how is this "security vulnerability" any different to me creating a program, 
which will require the same Administrative rights, to say, wipe the boot 
configuration file?

Follow-Ups:
- Re: Microsoft VISTA TCP/IP stack buffer overflow
  - From: Edi Strosar

Prev by Date: [security bulletin] HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution
Next by Date: RSA EnVision Remote Password Disclosure
Previous by thread: Microsoft VISTA TCP/IP stack buffer overflow
Next by thread: Re: Microsoft VISTA TCP/IP stack buffer overflow
Index(es):
- Date
- Thread