
February 2015 Updates

2015-02-11 KENNETH 0

Today, as part of Update Tuesday, we released nine security bulletins – three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software. We encourage you to apply all of these updates.

For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate the XI, a full description can be found here.

We re-released one Security Bulletin: MS14-083 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution.

One new Security Advisory was released: Update for Windows Command Line Auditing (3004375).

One Security Advisory was revised: Vulnerability in SSL 3.0 Could Allow Information Disclosure (3009008).

We also [ more… ]


CVE-2015-0235

2015-02-04 KENNETH 0

<pre>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

#define CANARY "in_the_coal_mine"

/* The canary sits directly after the buffer handed to gethostbyname_r(),
   so any write past the end of the buffer lands in it. */
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };

int main(void) {
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;

  /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  char name[sizeof(temp.buffer)];

  /* Build a hostname made only of the digit '0', exactly len characters long. */
  memset(name, '0', len);
  name[len] = '\0';

  retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);

  /* A changed canary means the call wrote past the end of temp.buffer. */
  if (strcmp(temp.canary, CANARY) != 0) {
    puts("vulnerable");
    exit(EXIT_SUCCESS);
  }
  /* ERANGE means the library reported the buffer as too small instead of overflowing it. */
  if (retval == ERANGE) {
    puts("not vulnerable");
    exit(EXIT_SUCCESS);
  }
  puts("should not happen");
  exit(EXIT_FAILURE);
}
</pre>