Re: about zlib vulnerability - Microsoft products

From: Florian Weimer (Weimerat_private-Stuttgart.DE)
Date: Sun Mar 17 2002 - 09:19:00 PST

Next message: Ahmet Sabri ALPER: "[ARL02-A09] Board-TNK Cross Site Scripting Vulnerability"

Previous message: Ahmet Sabri ALPER: "[ARL02-A08] BG Guestbook Cross Site Scripting Vulnerability"
In reply to: Forrest J Cavalier III: "Re: about zlib vulnerability - Microsoft products"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Forrest J Cavalier III" <forrestat_private> writes:

> The following C program scans files for the cplens table (used for
> inflate.)  
>
> I expect the code below is portable.  It was tested on Windows.
>
> It might run faster than the perl script posted earlier.  (I
> suppose it risks more false positives too.)  

AFAIK, any "inflate" decompressor requires this table, so this program
detects such decompressors which store the table in a particular form,
not just zlib's implementation.

-- 
Florian Weimer 	                  Weimerat_private-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

Next message: Ahmet Sabri ALPER: "[ARL02-A09] Board-TNK Cross Site Scripting Vulnerability"
Previous message: Ahmet Sabri ALPER: "[ARL02-A08] BG Guestbook Cross Site Scripting Vulnerability"
In reply to: Forrest J Cavalier III: "Re: about zlib vulnerability - Microsoft products"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 18 2002 - 18:15:10 PST