OllyDbg Error in Loading Processes With Long Names Lets Users Crash the Debugger
SecurityTracker Alert ID: 1013478
SecurityTracker URL: http://securitytracker.com/id/1013478
Date: Mar 19 2005
Denial of service via local system
Exploit Included: Yes
Version(s): 1.10 and prior versions
ATmaCA reported a vulnerability in OllyDbg. A user can cause OllyDbg to crash.
A user can create a specially crafted DLL filename that, when loaded as a process, will trigger the flaw and cause OllyDbg to crash. A name longer than approximately 200 bytes can trigger the flaw.
A demonstration exploit is provided:
ATmaCA discovered this vulnerability, with credit given to Kozan.
A user can cause OllyDbg to crash.
No solution was available at the time of this entry.
Vendor URL: home.t-online.de/home/Ollydbg/
Source Message Contents
Date: Sat, 19 Mar 2005 01:05:20 +0200
Subject: OllyDbg long process Module debug Vulnerability
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®.
Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.
1.10 (final version) and prior versions.
In OllyDbg, if a target process loads modules that contain a long name
(greater than around 200 bytes), OllyDbg will crash.
This hole can be used as an anti-debug method for OllyDbg.
No vendor response.
Credit to Kozan
Debug this program with OllyDbg.
When the program runs, a folder named "olly hole" will be
created on the desktop and a long-named DLL will be created in
this folder. Then it will load this and finally
OllyDbg will crash.