| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <917681160.20040429141234@SECURITY.NNOV.RU> Date: Thu, 29 Apr 2004 14:12:34 +0400 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: "KF (lists)" <kf_lists@...netops.com> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re[2]: Microsoft's Explorer and Internet Explorer long share name buffer overflow. Dear KF (lists), --Thursday, April 29, 2004, 3:55:39 AM, you wrote to bugtraq@...urityfocus.com: Kl> Thus far I have been unable to locate a good unicode return address... Kl> but thats not to say there is not one there. =] . For those of you Kl> wondering smb.conf DOES allow for characters like \x90 and other things Kl> of that nature. It shouldn't be hard to patch Samba to export share name as Unicode. In this case exploitation is trivial. Kl> enjoy. Kl> -KF Kl> Paul Szabo wrote: >> >>Anyway, http://support.microsoft.com/?kbid=322857 lies when it says this is >>fixed in W2kSP4; or maybe that KB article refers to a different problem: it >>say the error should be "Access Violation", I got "Program Error". >> >>Cheers, >> >>Paul Szabo - psz@...hs.usyd.edu.au >>http://www.maths.usyd.edu.au:8000/u/psz/ >>School of Mathematics and Statistics University of Sydney 2006 Australia >> >> >> Kl> _______________________________________________ Kl> Full-Disclosure - We believe in it. Kl> Charter: http://lists.netsys.com/full-disclosure-charter.html -- ~/ZARAZA Бросьте стараться - ничего из этого не выйдет. (Твен) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists