|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability
From: David Matousek (david
matousec.com)
Date: Tue Aug 01 2006 - 04:57:56 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
BlackICE does not protect pamversion.dll in its installation directory. And also because its component
protection fails to protect BlackICE processes this can be misused to inject fake DLL into BlackICE service.
The whole advisory with more details and source code is available here
http://www.matousec.com/info/advisories/BlackICE-DLL-faking-of-run-time-linked-libraries.php
Regards,
--
David Matousek
Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]