[Full-Disclosure] The Bat! libpng bo?

From: 3APA3A (3APA3A_at_SECURITY.NNOV.RU)
Date: 11/04/04

  • Next message: Ferdinand Klinzer: "Re: [Full-Disclosure] New REmote Windows Exploit (MS04-029)"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 4 Nov 2004 18:54:39 +0300
    
    

    Dear full-disclosure@lists.netsys.com,

      It looks like The Bat! uses libpng 1.0.5 and zlib 1.1.3 and is
      vulnerable to very old buffer overflow and double free bugs. At least
      it catches an exception on http://www.security.nnov.ru/files/libpngbo.png
      and the thread is silently closed... There is no visual effect, but
      you can see it in a debugger. The rest of The Bat! is written in Delphi.

      Can anyone confirm if this is exploitable (I know nothing about
      Borland compilers)?

    -- 
    http://www.security.nnov.ru
             /\_/\
            { , . }     |\
    +--oQQo->{ ^ }<-----+ \
    |  ZARAZA  U  3APA3A   } You know my name - look up my number (The Beatles)
    +-------------o66o--+ /
                        |/
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
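
A defender-side check related to the report above, added here as an example and not part of the original post: it scans a binary for the version banners that statically linked libpng and zlib leave behind and lists any at or below the versions the post names. The banner patterns, the function names, the at-or-below policy and the sample bytes are assumptions of this example.

```python
import re
import sys

# Assumed banner formats: the version strings libpng and zlib compile into
# their object code. A packed or stripped binary may not contain them.
BANNERS = {
    "libpng": re.compile(rb"libpng version (\d+\.\d+\.\d+)"),
    "zlib": re.compile(rb"(?:deflate|inflate) (\d+\.\d+\.\d+(?:\.\d+)?) Copyright"),
}

# Versions named in the post. Treating anything at or below them as needing
# review is this example's assumption, not a statement from the post.
REPORTED = {"libpng": "1.0.5", "zlib": "1.1.3"}

# Constructed sample standing in for a binary with both libraries linked in.
SAMPLE = (b"MZ\x90\x00" + b"\x00" * 16
          + b"\n libpng version 1.0.5 - constructed sample\n\x00"
          + b" deflate 1.1.3 Copyright (constructed) \x00"
          + b" inflate 1.1.3 Copyright (constructed) \x00")

def as_tuple(version):
    """Turn '1.0.5' into (1, 0, 5) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))

def embedded_versions(blob):
    """Map each library to the sorted distinct versions found in blob."""
    found = {}
    for lib, pattern in BANNERS.items():
        versions = {m.group(1).decode("ascii") for m in pattern.finditer(blob)}
        if versions:
            found[lib] = sorted(versions, key=as_tuple)
    return found

def needs_review(found, reported=REPORTED):
    """List (library, version) pairs at or below the reported versions."""
    return [(lib, v) for lib in sorted(found) for v in found[lib]
            if as_tuple(v) <= as_tuple(reported[lib])]

if __name__ == "__main__":
    # Scan the file given on the command line, or the constructed sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    found = embedded_versions(data)
    for lib, versions in sorted(found.items()):
        print(f"{lib}: {', '.join(versions)}")
    for lib, version in needs_review(found):
        print(f"review: bundled {lib} {version}")
```

A missing banner does not show the library is absent, so an empty result only means no banner string was found.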
    
