Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Justin Ferguson (jfownco.net)
Date: Wed Sep 08 2010 - 17:45:10 CDT
> and the default windows search > path […]
Correct me if I'm wrong here, but my understanding is that it has nothing to do with the default search path, but rather applications using a search path that differs from the default loadlibrary search path. I could be wrong my attention to this issue thus far has been a few msdn pages and a lot of deleted email as unimportant.
Fyodor <fyodorinsecure.org> wrote:
>On Sun, Sep 05, 2010 at 07:01:19PM +0530, Nikhil Mittal wrote:
>> 1. Overview
>> nmap <= 5.21 is vulnerable to Windows DLL Hijacking Vulnerability.
>Nmap is not vulnerable. DLL hijacking works because of an unfortunate
>interaction between apps which register Windows file extensions and
>the default Windows DLL search path used for those apps. Nmap does
>not, and never has, registered any Windows file extensions. So it
>isn't vulnerable to this issue.
>> 8. Solution
>> Fixed in latest development release.
>We have not made a special new development release, nor are we
>planning one. We do agree that Windows' default DLL search path
>handling is dumb, so we have added code in our source repository to
>improve that. It will be included in our next regular release (maybe
>in a month or so), along with other proactive security improvements
>such as enabling Windows ASLR and DEP support.
>Full-Disclosure - We believe in it.
>Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/