> Almost every program using MS's C Runtime library for select() will suffer
> from this problem. This vulnerability is only a problem if it listens on a
> port. For example, nslookup.exe from Microsoft uses a whole bunch of CRT
> calls, including select(), but doesn't listen on any ports.

Just adding a follow-up to David's comments on this post. While true this
'problem' exists in the runtime, as David points out RFTM. However, as Ussr
Labs stated it's the result of using up all 64 connections that's a bigger
problem than it just being limited to 64 connections. At connection 65 the
application dies, this is not due to the runtime library. The release code
should gracefully handle refusing additional connections and not assert on
ssh_adt_num_objects(ssh_eloop_event) < 64.

Cheers,
Bill Sobel
Symantec

----------------------------------------------------------------------------
Delivery co-sponsored by Trend Micro
============================================================================
TREND MICRO REAL-TIME VIRUS ALERTS
If you would like to know about a virus outbreak before CNN and ZDNet get
Trend Micro Virus Info Feed FREE. Simply copy and paste a small piece of
code to give your visitors a real-time top 10 list and the latest virus
advisories. Setup takes just 10 minutes and requires no server-side code on
your Web site. All content is updated automatically from Trend Micro's Web
site.
http://www.antivirus.com/banners/tracking.asp?si=8&bi=237&ul=/syndication/
vinfo/
----------------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]