> -----Original Message----- > From: Rainer Gerhards [mailto:rgerhards@hq.adiscon.com] > Sent: Wednesday, February 11, 2004 1:11 AM > To: Tina Bird > Cc: BUGTRAQ@securityfocus.com > Subject: RE: EEYE: Microsoft ASN.1 Library Length Overflow > Heap Corruption > <snip> > But I think the bottom line of all this is if a box is > listening to 135, > 139 OR 445, it is vulnerable. And workstations by default > listen to this ports. If you use Outlook, you are vulnerable. If you use Internet Explorer, you are vulnerable. If you use Outlook Express, you are vulnerable. "Software Affected: Microsoft Internet Explorer Microsoft Outlook Microsoft Outlook Express Third-party applications that use certificates" Ref: http://www.eeye.com/html/Research/Advisories/AD20040210.html Speaking of this bug. We have noted, perhaps outside of the advisory, that we could send a malformed, digitally signed email and it could be the exploit point -- further, the email would not even have to be viewed. That is just one potential avenue of attack. <snip> > I am pretty sure it can. > > Rainer > >
