Links

Lists

Latest Updates

Ruby On Rails List
Python list
Advanced Java
The JavaScript List
Apache Users
Full Disclosure
Linux Security

Search the archives!
Having a development problem? Ask eDevelopment.org forums!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow

  • From: Thierry at Zoller.lu (Thierry Zoller)
  • Subject: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
  • Date: Mon, 2 Apr 2007 17:44:46 +0200
Dear Michal,

MM> You claim is just pointless. You CAN write
MM> reliable exploit for Harware NX DEP and youCAN take over whole system
MM> even in the IE Protected mode!!!!

Oh dear, my "claim is just pointless", the fact is, I have not made
such a claim, I have introduced the notion of Hardware DEP and Software
DEP, that's what I did and that's all. Some poeple don't realise there
is a difference between them I wanted to show them there is.

In otherwords, claiming it works with "DEP enabled" just because the
PoC worked on your software-DEP-enabled machine doesn't proof it works
on HW-enabled-machines, that was my point. That's my entire point, not
saying it can't be  or is be done with Hardware DEP...get it ?

I never claimed it can't be done, actually within our company some do, so..
Try the current milworm PoCs on NX enforced CPUS

-- 
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7