DLL hijacking problem

Lee ler762@gmail.com
Sat Aug 28 12:35:00 GMT 2010


On 8/27/10, Corinna Vinschen wrote:
> Hi,
>
> This DLL hijacking problem goes from simmering to boiling pretty fast
> right now:
> http://www.microsoft.com/technet/security/advisory/2269637.mspx
> The exploit DB fills rapidly in the last couple of days:
> http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=DLL+Hijacking&filter_author=&filter_platform=0&filter_type=0&filter_port=&filter_osvdb=&filter_cve=
>
> Given
> http://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx
>
> I propose to change all calls to
>
>   LoadLibrary ("any-Win32-system.dll")
>
> to (basically)
>
>   GetSystemDirectory (path);
>   strcat (path, "\\any-Win32-system.dll");
>   LoadLibrary (path);
>
> Or does anybody think this is overreacting?

Would cygwin1.dll still be loaded from the directory from which the
application loaded or would I have to put a copy of cygwin1.dll into
whatever GetSystemDirectory resolves to?

Thanks,
Lee

>
>
> Thanks,
> Corinna
>
> --
> Corinna Vinschen                  Please, send mails regarding Cygwin to
> Cygwin Project Co-Leader          cygwin AT cygwin DOT com
> Red Hat
>



More information about the Cygwin-developers mailing list