Slashdot Mirror


XP/Vista IGMP Buffer Overflow — Explained

HalvarFlake writes "With all the hoopla about the remotely exploitable, kernel-level buffer overflow discussed in today's security bulletin MS08-0001, what is the actual bug that triggers this? The bulletin doesn't give all that much information. This movie (Flash required) goes through the process of examining the 'pre-patch' version of tcpip.sys and comparing it against the 'post-patch' version of tcpip.sys. This comparison yields the actual code that causes the overflow: A mistake in the calculation of the required size in a dynamic allocation."

4 of 208 comments

  1. Re:Haven't you guys figured out by Anonymous Coward · Score: -1, Flamebait

    Ron Paul, is that you?

  2. Re:Why Windows 95 and NT 4 are enough by Anonymous Coward · Score: -1, Flamebait

    What a stupid story. You are stupid for telling it.

  3. Re:TCP/IP stack again by Anonymous Coward · Score: -1, Flamebait

    Faggot.

  4. How long should C remain in use? by master_p · Score: -1, Flamebait

    C is a horrible abomination of a language when seen from the perspective of modern languages like Haskell, Erlang, ML, Scala etc. There are even operating systems written in these languages. C has cost the IT industry billions of dollars as a result of safety and security problems.

    C served its purpose, it's now time to be replaced with a better language.