"Pavel Machek" <pavelat_private> said: > Is it just me or does this sound like "security by obscurity"? What if I > sit down and write evil PAVEL11I.DLL that *looks* like production one > but dumps passwords as debug one? Then you will have the passwords. however, if you can do this anyhow, you can compromise *any* program you can sufficiently understand the interface to (look for a dll that gets password information as an argument and rewrite it to dump it elsewhere; I suspect there are a lot of these about) there have also been a *lot* of programs where the patched version is only a single file (dll or exe). in almost all cases, overwriting the updated file with the old one will reenable the vunerability; this is to be expected with the way windows handles DLLs, and there isn't much you can do about it. it doesn't mean the patch is worthless though, as you shouldn't be allowing random replacements of DLLs anyhow (particuarly ones to security-sensitive programs).
This archive was generated by hypermail 2b30 : Mon May 28 2001 - 13:05:56 PDT