Hi, not a vulnerability but could be a headache while reverse ingineering or binary auditing/interpreting, etc. (ok anything related with disassembling) get wrong values.
[EMAIL PROTECTED]:/tmp$ ndisasm -b32 salida 00000000 49 dec ecx 00000001 6E outsb 00000002 7465 jz 0x69 00000004 6C insb 00000005 6563747561 arpl [gs:ebp+esi*2+0x61],si 0000000A 6C insb 0000000B 207072 and [eax+0x72],dh 0000000E 6F outsd 0000000F 7065 jo 0x76 00000011 7274 jc 0x87 00000013 7920 jns 0x35 00000015 6F outsd 00000016 66204968 o16 and [ecx+0x68],cl 0000001A 61 popa 0000001B 51 push ecx 0000001C 7565 jnz 0x83 0000001E 52 push edx 0000001F 00 db 0x00 [EMAIL PROTECTED]:/tmp$ ndisasm -V NDISASM version 0.98.38 compiled Jan 7 2005 [EMAIL PROTECTED]:/tmp$ i.e: 0000001C 7565 jnz 0x83 sould had been jnz 0x65 I've just tested ndisasm 0.98.36 and 0.98.38 cheers. shadown -- Sergio Alvarez Security, Research & Development IT Security Consultant email: [EMAIL PROTECTED] This message is confidential. It may also contain information that is privileged or otherwise legally exempt from disclosure. If you have received it by mistake please let us know by e-mail immediately and delete it from your system; should also not copy the message nor disclose its contents to anyone. Many thanks. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
