On Fri, Mar 04, 2005 at 05:52:46PM -0000, Max Bowsher wrote: > Will Parsons wrote: > >I have cygwin 1.5.13 installed on the my WinXP machine at work. The IT > >department apparently has recently installed Cisco Security Agent and now > >when I run setup.exe I get a warning message that setup.exe "tried to make > >system call from self-modifying code" and that this may mean the program > >has been subverted by a buffer overflow attack. > > > >Is this true and if so is it something I should worry about? > > setup.exe does contain some legitimate self-modifying code (in autoload.c > if anyone is interested). > > So, it's fairly likely this is a false alarm. > > Max.
Hmmm... I just tried running http://www.cygwin.com/setup.exe from my computer at Cisco and the security agent did not report any warnings... I don't want to be alarming but maybe you should investigate a bit further... At what time during the execution/installation did the warning appear? My machine is running Win2K with all latest updates Cygwin's setup.exe reports version 2.457.2.2 Cisco Security Agent reports version 4.0-2 build 627 Cheers, Sebastien
signature.asc
Description: Digital signature
