Buffer overflows are everyone's problem, and not limited to just Microsoft. The problem is that under Windows 2000, VNC runs as LOCALSYSTEM, sort of equivalent to the Unix "root" account, except that LOCALSYSTEM is more privileged than "Administrator" and less useful as it can't directly use SMB networking.
If there is a buffer overflow (and my guess is that there would be), the only correct solution is to fix the code. VNC requires the LOCALSYSTEM privileges to hook the desktop so that it can intercept GDI calls.

We should contact the guys at the Oulu University and make a VNC protocol tester. This will weed out clients and servers that have problems.

http://www.ee.oulu.fi/research/ouspg/

However, in addition, we need to be a lot more careful of C's (and C++'s) weaknesses, particularly in respect to buffer and heap overruns.

Andrew

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of craig phillips
Sent: Thursday, 21 February 2002 1:42 AM
To: '[EMAIL PROTECTED]'
Subject: Buffer overflow question

I've recently heard concerns about a buffer overflow that exists in VNC. Maybe this is just a question of not doing my homework but does this really have anything to do with Windows NT/2000 security (assuming Microsoft here)?

I just don't see this really being a security problem. Only a programming issue with VNC. If VNC croaks due to an overflow (unless it freaks the Windows kernel out as well) it should leave security on the machine intact.

Clear my head if you can!

---------------------------------------------------------------------
To unsubscribe, mail [EMAIL PROTECTED] with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
