Mail Archives: cygwin/2005/03/05/23:10:35

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2005/03/05/23:10:35

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Date: Sat, 5 Mar 2005 23:10:24 -0500

From: Jean-Sebastien Trottier <jst1 AT email DOT com>

To: Cygwin Mailing List <cygwin AT cygwin DOT com>

Subject: Re: CSAgent warning with setup.exe

Message-ID: <20050306041024.GC6831@gw.jsoft.lan>

Mail-Followup-To: Cygwin Mailing List <cygwin AT cygwin DOT com>

References: <slrnd2h4gk DOT 1h0 DOT wbp AT L1422169 DOT w-intra DOT net> <023101c520e2$fd25ae50$c40110ac AT robinson DOT cam DOT ac DOT uk>

Mime-Version: 1.0

In-Reply-To: <023101c520e2$fd25ae50$c40110ac@robinson.cam.ac.uk>

User-Agent: Mutt/1.5.6+20040907i

X-IsSubscribed: yes

--OBd5C1Lgu00Gd/Tn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Mar 04, 2005 at 05:52:46PM -0000, Max Bowsher wrote:
> Will Parsons wrote:
> >I have cygwin 1.5.13 installed on the my WinXP machine at work.  The IT
> >department apparently has recently installed Cisco Security Agent and now
> >when I run setup.exe I get a warning message that setup.exe "tried to ma=
ke
> >system call from self-modifying code" and that this may mean the program
> >has been subverted by a buffer overflow attack.
> >
> >Is this true and if so is it something I should worry about?
>=20
> setup.exe does contain some legitimate self-modifying code (in autoload.c=
=20
> if anyone is interested).
>=20
> So, it's fairly likely this is a false alarm.
>=20
> Max.

Hmmm... I just tried running http://www.cygwin.com/setup.exe from my
computer at Cisco and the security agent did not report any warnings...

I don't want to be alarming but maybe you should investigate a bit
further...

At what time during the execution/installation did the warning appear?


My machine is running Win2K with all latest updates
Cygwin's setup.exe reports version 2.457.2.2
Cisco Security Agent reports version 4.0-2 build 627

Cheers,
Sebastien

--OBd5C1Lgu00Gd/Tn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCKoKwWHtULG0eY+ERAidsAJ42cxTIAwMEs8cDZmZu2R4S1Y12IQCeJhuJ
glBU/8QnFA6zwa7ApsVxbXI=
=Jdzz
-----END PGP SIGNATURE-----

--OBd5C1Lgu00Gd/Tn--

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Date:	Sat, 5 Mar 2005 23:10:24 -0500
From:	Jean-Sebastien Trottier <jst1 AT email DOT com>
To:	Cygwin Mailing List <cygwin AT cygwin DOT com>
Subject:	Re: CSAgent warning with setup.exe
Message-ID:	<20050306041024.GC6831@gw.jsoft.lan>
Mail-Followup-To:	Cygwin Mailing List <cygwin AT cygwin DOT com>
References:	<slrnd2h4gk DOT 1h0 DOT wbp AT L1422169 DOT w-intra DOT net> <023101c520e2$fd25ae50$c40110ac AT robinson DOT cam DOT ac DOT uk>
Mime-Version:	1.0
In-Reply-To:	<023101c520e2$fd25ae50$c40110ac@robinson.cam.ac.uk>
User-Agent:	Mutt/1.5.6+20040907i
X-IsSubscribed:	yes