Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Submission + - XP/Vista IGMP buffer overflow - the code explained (zynamics.com)

HalvarFlake writes: "With all the hoopla about the remotely exploitable, kernel-level buffer overflow discussed in today's security bulletin MS08-0001, what is the actual bug that triggers this ?
The bulletin doesn't give all that much information ...
This shockwave movie goes through the process of examining the "pre-patch" version of tcpip.sys and comparing it against the "post-patch" version of tcpip.sys. This comparison yields the actual code that causes the overflow: A mistake in the calculation of the required size in a dynamic allocation."

Slashdot Top Deals

"Why waste negative entropy on comments, when you could use the same entropy to create bugs instead?" -- Steve Elias

Working...