Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-209

from [Stefan Kanthak] Network Security [Permanent Link]
Subject: Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
Date: Mon, 29 Oct 2007 22:04:53 +0100 
I wrote Sunday, October 21, 2007 2:18 PM:


Anonymous <farion42@yahoo.de> wrote Saturday, October 20, 2007 11:55 AM:


As a workaround, one could try to manually replace zlib32.dll in a Windows
GSView 4.8 installation with the current zlib1.dll version 1.2.3.


[...]


Unfortunately the maintainer of GSview choose not to reply to my bug
report which included a question about the source of the ZLIB32.DLL.


The maintainer finally replied to the last of my three attempts to
contact him (very timely, regarding the different timezones we are in):

| I can't do much about it just at the moment.  I've had a computer
| motherboard failure and while I've now got a new computer, I haven't
| got all my development tools running yet.
|
| I will update the DLL in the next release.  Yes, I compiled the DLL
| myself.  There wasn't a precompiled version at the time I started using
| it.


As long as I cant be sure that the replacement zlib1.dll from zlib.net
is fully compatible to the ZLIB32.DLL distributed with GSview 4.8 I wont
give any advice to exchange it.


q.e.d.

Stefan
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Memory overwrites in JVM via malformed TrueType font, NGSSoftware Insight Security Research
Next by Date:  Holes in the firewall of Mac OS X Leopard, Juergen Schmidt
Previous by Thread:  Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096), Stefan Kanthak
Next by Thread:  [Full-disclosure] Serious holes affecting SiteBar 3.3.8, Tim Brown
Indexes:  [Date] [Thread] [Top] [All Lists]