Slashdot Mirror


XP/Vista IGMP Buffer Overflow — Explained

HalvarFlake writes "With all the hoopla about the remotely exploitable, kernel-level buffer overflow discussed in today's security bulletin MS08-0001, what is the actual bug that triggers this? The bulletin doesn't give all that much information. This movie (Flash required) goes through the process of examining the 'pre-patch' version of tcpip.sys and comparing it against the 'post-patch' version of tcpip.sys. This comparison yields the actual code that causes the overflow: A mistake in the calculation of the required size in a dynamic allocation."

14 of 208 comments

  1. well gee by sentientbrendan · · Score: 5, Funny

    >This comparison yields the actual code that causes the overflow:
    >A mistake in the calculation of the required size in a dynamic allocation

    I hope no one else makes this mistake.

    1. Re:well gee by nizo · · Score: 4, Funny

      It worked so well for Office 2003, perhaps Microsoft could create a patch that would keep the OS from opening insecure packets from other vendors and their older products?

  2. Sounds like HowStuffWorks material! by Ai Olor-Wile · · Score: 4, Funny

    Hooray! Windows vulnerabilities are so commonplace now that there are public educational documentaries about their life-cycles and internals, so that the people can stay informed. Brilliant!

  3. It's just a mistake! by EmbeddedJanitor · · Score: 4, Funny

    OMG! I thought it might be a bug, but thankfully it's just a mistake!

    --
    Engineering is the art of compromise.

  4. Dang it all. by palegray.net · · Score: 5, Funny

    Darn pesky kids and their fancy buffer overflows. I oughta HEAP on the insults, but I'll try to stick to my PROGRAM of keeping my smoke STACK cool.

    1. Re:Dang it all. by Anonymous Coward · · Score: 5, Funny

      You're PUSHing it. One more pun and I'll POP you in the mouth.

    2. Re:Dang it all. by Crzysdrs · · Score: 0, Funny

      Are you attempting to insult swordfight?

      I've got a little TIP for you, get the POINT?

    3. Re:Dang it all. by Anonymous Coward · · Score: 1, Funny

      I've been PEEKing into this thread, and I think I'd better get out before I get a POKE in the eye. (Now I'm showing my age ...)

  5. Re:Why Windows 95 and NT 4 are enough by Trogre · · Score: 2, Funny

    *blink*

    --
    "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife

  6. Windows is open-sores software by Junior J. Junior III · · Score: 2, Funny

    >This movie (Flash required) goes through the process of examining the 'pre-patch' version of tcpip.sys and comparing it against the 'post-patch' version of tcpip.sys. This comparison yields the actual code that

    See? And they said without FOSS, this couldn't be done!

    --
    You see? You see? Your stupid minds! Stupid! Stupid!

  7. Re:Let's get the preliminary stuff out of the way. by Anonymous Coward · · Score: 1, Funny

    Everyone should be forced to give up manual memory allocation regardless of the power it can afford. I wonder how you will program dynamic memory allocation without using manual memory allocation. ;)

  8. despair.com says it best by dave55699 · · Score: 2, Funny

    "It could be that the purpose of your life is only to serve as a warning to others." http://despair.com/mis24x30prin.html

  9. Re:Why Windows 95 and NT 4 are enough by PCeye · · Score: 3, Funny

    Obligatory "Office Space" Quotes...

    Tom Smykowski: It was a "Jump to Conclusions" mat. You see, it would be this mat that you would put on the floor... and would have different CONCLUSIONS written on it that you could JUMP TO.

    Michael Bolton: That's the worst idea I've ever heard in my life, Tom.

    Samir: Yes, this is horrible, this idea.

  10. Mmmm, mmmm, good! by Gription · · Score: 4, Funny

    Don't feed the trolls. ???
    But that is the primary reason for /. to begin with!?