[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Exploiting default exception handler to increase exploit stability on win32

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Exploiting default exception handler to increase exploit stability on win32
From: tal zeltzer <tal.zeltzer@xxxxxxxxx>
Date: 1 Nov 2004 19:02:56 -0000


Summary:

Every win32 application has a default exception handler which can be abused to 
increase 
exploit stability in the case of a stack overflow


Impact:

The results of such attack is an exploit with two return addresses

Proof of Concept:

a tutorial And proof of concept code is available at 

http://www.securityforest.com/wiki/index.php/Exploit:_Stack_Overflows_-_Exploiting_default_seh_to_increase_stability

Credit:

Discovered by tal zeltzer.

Prev by Date: Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication
Next by Date: zlib 1.2.2 released
Previous by thread: Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication
Next by thread: zlib 1.2.2 released
Index(es):
- Date
- Thread