Virus Bulletin 2008 (Ottawa)

I’m back from Virus Bulletin 2008. This year it was held in Ottawa (Canada). This is my second VB. This year I gave a presentation about a project that I’m developing at Panda. You can download the slides:

If you want to read more about it, you can download the entire paper: “Graph, Entropy and Grid Computing: […]

Trend Micro SSAPI Long Path Buffer Overflow Vulnerability

This is my last discovered vulnerability. It’s a vulnerability in a Trend Micro product. Read the iDefense advisory.
I developed a PoC for W2K SP4; however, a PoC for WinXP is hard to develop because I couldn’t find a call esp, or similar instruction, with a Unicode address format.
This is the technical analysis […]

NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities

In April I shared with Eset two discovered vulnerabilities (two stack overflows) in NOD32 Antivirus. They are very basic threats but can lead to local/remote arbitrary code execution.
Eset was contacted on April 19 and I received a fast response. The communication with Eset was great, and the threats were patched fast (the update is […]

DiskPart, or How to resize a partition in W2K3?

Last week I was trying to resize a W2K3 partition of a VMware disk image. I couldn’t install Partition Magic 7, because it’s not compatible with W2K3 Server, and I was lost until I found a great utility from MS: Diskpart. With this command-line tool it is easy to resize an existing partition (not the […]