[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Buffer Overflow vulnerability in Windows Display Manager [Suspected]
- To: Full-Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Buffer Overflow vulnerability in Windows Display Manager [Suspected]
- From: InfoSecBOFH <infosecbofh@xxxxxxxxx>
- Date: Tue, 3 Jan 2006 03:33:21 -0800
oh.. and by the way... only works with the intel driver (and only a
couple differnt versions) and is not exploitable... this is a DoS and
nothing more.
On 1/3/06, InfoSecBOFH <infosecbofh@xxxxxxxxx> wrote:
> I have only replicated this with the intel driver. have tried others
> and no dice.
>
> On 1/3/06, Sumit Siddharth <sumit.siddharth@xxxxxxxxx> wrote:
> > I think the problem is with the intel driver and particularly with file
> > ialmnt5.sys
> > Hope it helps
> > Sumit
> >
> >
> >
> >
> > On 1/3/06, Sumit Siddharth <sumit.siddharth@xxxxxxxxx > wrote:
> > > Dear All,
> > > Sorry for the delayed response.
> > > I had success in exploiting it remotely by a simple javascript
> > > <script>window.open("http://aa...";);</script>. But i think it doesnt work
> > with some drivers.I am using XP ,professional, SP2. and firefox 1.0.6. I am
> > using a string of about 53,000 char to overflow the buffer.
> > > Thanks
> > > Sumit
> > >
> > >
> >
> >
> >
> > --
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter:
> > http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/