Are you gonna blow hot air VK or are you gonna help the man/woman??? On Friday, September 21, 2007, at 12:44PM, <[EMAIL PROTECTED]> wrote: >On Sat, 22 Sep 2007 00:49:30 +0530, Code Breaker said: > >> i am trying to analyse the old asn integer overflow.Can anyone guide me >> towards right direction?which function contains the vulnerable code?is it >> asn1_decode? > >It's not "the old asn integer", it's "one of the old asn integer"... > >There were about a zillion and a half different places in that code that >were exploitable, because actual error checking was, like, a foreign language >to that crew when they wrote it originally. > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/