lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Mar 2010 19:24:23 +0100 From: Security <security@...elan.be> To: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>, "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: QuickZip 0day detailed write-up In case some of you missed it - I published 2 articles on the Offensive Security Blog (last one was published a few hours ago), explaining the process of building a (not so typical) SEH based exploit for a QuickZip 0day vulnerability. Part 1 : http://www.offensive-security.com/blog/vulndev/quickzip-stack-bof-0day-a-box-of-chocolates/ Part 2 : http://www.offensive-security.com/blog/vulndev/quickzip-stack-bof-a-box-of-chocolates-part-2/ Enjoy ! Corelanc0d3r