[LINK] E-mail viruses blamed as spam rises sharply
Richard.Chirgwin at informa.com.au
Fri Feb 20 14:01:30 EST 2004
> Let's look at a few samples as submitted by Phil ...
> > Multiple integer overflow vulnerabilities in the
> Microsoft Windows
> > ASN.1 parser library could allow an unauthenticated, remote
> > attacker to execute arbitrary code with SYSTEM privileges.
> The above would allow the attacker to own the machine and spread
> the exploit. Very serious. Can spread and affect millions of
> machines on the Internet.
Too true, too true... but in this one case, and please don't mistake me for
an apologist, a whole industry has guilty of a remarkably relaxed attitude
to a widespread problem.
ASN.1 is everywhere; before MS, libraries and compilers were vulnerable in:
- SNMP management systems
- OpenSSL implementations
- the Apache Web server
- H.323 and associated VoIP environments
...and this isn't a comprehensive list.
It's used all over the place, partly I guess because of history - by the
time the Internet went "mainstream" the foundation interprocess language was
already ubiquitous; replacing it would be like replacing TCP/IP.
More information about the Link