[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch
From: H D Moore <fdlist@xxxxxxxxxxxxxxxxxx>
Date: Fri, 16 Dec 2005 08:59:50 -0600

This may not be a limitation if you can use the argument-skipping syntax 
in msvcrt (ie. %4000$x).

-HD

On Friday 16 December 2005 08:32, FistFucker wrote:
>I don't think it's > exploitable because the user controlled string is
>many thousand bytes away from the stack pointer and you can only send 512
>bytes  to the SMTP daemon.
[snip]
> If someone was able to exploit this, I would be interested in exploit
> code or an explanation to learn from him.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch
  - From: FistFucker

References:
- Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch
  - From: Chris Rogers
- Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch
  - From: FistFucker

Prev by Date: RE: [Full-disclosure] Amazon Phishing Scam - Tech Details
Next by Date: RE: [Full-disclosure] Amazon Phishing Scam - Tech Details
Previous by thread: Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch
Next by thread: Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch
Index(es):
- Date
- Thread