Re: [funsec] WMF round-up, updates and de-mystification

To: Gadi Evron <ge@xxxxxxxxxxxx>
Subject: Re: [funsec] WMF round-up, updates and de-mystification
From: Pierre Vandevenne <pierre@xxxxxxxxxxxxxx>
Date: Tue, 3 Jan 2006 12:47:49 +0100
Cc: bugtraq@xxxxxxxxxxxxxxxxx, "FunSec [List]" <funsec@xxxxxxxxxxxx>
In-reply-to: <43BA35B8.9040404@xxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: DataRescue sa/nv
References: <43BA35B8.9040404@xxxxxxxxxxxx>
Reply-to: Pierre Vandevenne <pierre@xxxxxxxxxxxxxx>

Good Afternoon,

Tuesday, January 3, 2006, 9:28:40 AM, you wrote:

GE> The "patch" by Ilfak Guilfanov works, but by disabling a DLL in Windows.

I wouldn't say it does that. If you really want to simplify it in the
extreme, it hides the vulnerable function. The patch was, imho done
precisely to avoid disabling the dll, and because disabling the dll
wasn't necessarily successful in all cases.

-- 
Best regards,
Pierre                            mailto:pierre@xxxxxxxxxxxxxx

Follow-Ups:
- RE: [funsec] WMF round-up, updates and de-mystification
  - From: Larry Seltzer
- Re: WMF round-up, updates and de-mystification
  - From: Gadi Evron

References:
- WMF round-up, updates and de-mystification
  - From: Gadi Evron

Prev by Date: Re: Drupal all versiyon xss cehennem.org
Next by Date: RE: [Full-disclosure] WMF round-up, updates and de-mystification
Previous by thread: RE: [Full-disclosure] WMF round-up, updates and de-mystification
Next by thread: Re: WMF round-up, updates and de-mystification
Index(es):
- Date
- Thread