lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <43466314.8010206@as.ro>
Date: Fri, 07 Oct 2005 14:59:16 +0300
From: user1 <user1@...ro>
To: advisory@...ecom.org
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
	news@...uriteam.com, vuldb@...urityfocus.com
Subject: Re: MailEnable W3C Logging Remote Buffer Overflow
	Proof of Concept


advisory@...ecom.org wrote:

> The buffer used provides quite a bit of room for shellcode, so I've decided
> to construct a shellcode that as far as I know hasn't been made.

I've seen this kind of thing on a blaster variant (With the notable
exeption that it was also trying to spread like any other worm).
It is a nice poc, but I don't think it has real uses. We will patch you
even if you want it or not ? :D
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ