New Flash NULL pointer exploit causes security wizards to swoon - nil.enroll(aetheric_username, quantum_class_id)
yljatlhQo'! QIch lo'laltbebej!
A fun tidbit, by the post's author (Thomas Ptacek), from the Matasano thread:
That’s awesome. Every programmer can also just not cram 200 bytes into buffers that are only big enough for 100. No need to change the C libraries. Bad programming? Use good programming. It’s so simple! How could we not have seen it!

His Matasano post is here and he links to the original paper, which I'm pretty sure _I_ wouldn't understand, so good luck.

The superstar in question, X-Force's Mark Dowd, found a twisty path past many traps intended to protect the Flash plugin and your computer's integrity and came up with a way to inject arbitrary code into the host computer from a Flash widget/movie (this is definitely not supposed to happen). That would be awesome (and terrible, yes) enough, but he did it with style and creativity that impressed his peers ... and will inspire lesser individuals to use his knowledge for petty evil. Oh, and yeah, it cuts right across the best stuff Vista has, from most people's reading. More testing will confirm. In the meantime, once again, leaving Flash enabled means any website you visit could accidentally or intentionally be hosting one of these little charmers which can take over your computer. Just like a malicious ActiveX control, JPEG file, or Java applet could, for given weeks in the recent history of the web, etc. etc.

The specific vulnerability will be patched (hopefully quickly), the class of bug will remain, and stupid people will still be allowed to program... Computer programming is a young discipline and its security younger still, which is why it's so fun and exciting. Good thing no one relies on any of these prototypes for anything important. Right?

Edits: The posts are piling up on Matasano after this one, so maybe this broke through his writer's block. And, I forgot to say congrats to Mr. Dowd: Way to go, man!

Current Location: bedroom
Current Mood: amazed
