CSAgent warning with setup.exe
Jean-Sebastien Trottier
jst1@email.com
Sun Mar 6 11:45:00 GMT 2005
On Fri, Mar 04, 2005 at 05:52:46PM -0000, Max Bowsher wrote:
> Will Parsons wrote:
> >I have cygwin 1.5.13 installed on the my WinXP machine at work. The IT
> >department apparently has recently installed Cisco Security Agent and now
> >when I run setup.exe I get a warning message that setup.exe "tried to make
> >system call from self-modifying code" and that this may mean the program
> >has been subverted by a buffer overflow attack.
> >
> >Is this true and if so is it something I should worry about?
>
> setup.exe does contain some legitimate self-modifying code (in autoload.c
> if anyone is interested).
>
> So, it's fairly likely this is a false alarm.
>
> Max.
Hmmm... I just tried running http://www.cygwin.com/setup.exe from my
computer at Cisco and the security agent did not report any warnings...
I don't want to be alarming but maybe you should investigate a bit
further...
At what time during the execution/installation did the warning appear?
My machine is running Win2K with all latest updates
Cygwin's setup.exe reports version 2.457.2.2
Cisco Security Agent reports version 4.0-2 build 627
Cheers,
Sebastien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://cygwin.com/pipermail/cygwin/attachments/20050306/34350e26/attachment.sig>
More information about the Cygwin
mailing list