[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept

To: advisory@xxxxxxxxxxx
Subject: Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
From: user1 <user1@xxxxx>
Date: Fri, 07 Oct 2005 14:59:16 +0300

advisory@xxxxxxxxxxx wrote:

> The buffer used provides quite a bit of room for shellcode, so I've decided
> to construct a shellcode that as far as I know hasn't been made.

I've seen this kind of thing on a blaster variant (With the notable
exeption that it was also trying to spread like any other worm).
It is a nice poc, but I don't think it has real uses. We will patch you
even if you want it or not ? :D
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
  - From: advisory

References:
- [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
  - From: advisory

Prev by Date: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
Next by Date: [Full-disclosure] [SECURITY] [DSA 846-1] New cpio packages fix several vulnerabilities
Previous by thread: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
Next by thread: Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
Index(es):
- Date
- Thread