Message-ID: <E1ABAjz-0000lh-00.recca-mail-ru@f7.mail.ru>
From: recca at mail.ru ("Hanabishi Recca" )
Subject: Proof of concept for Windows Messenger Service overflow

I got my hands on a Windows XP SP1 to test; max body length is 3880 instead of
3992. Anyway, setting this value lower will give you results too.

Regards,

Recca

-----Original Message-----
From: Paul Tinsley <pdt@...khammer.org>
To: Hanabishi Recca <recca@...l.ru>
Date: Sat, 18 Oct 2003 19:53:30 -0500
Subject: Re: [Full-Disclosure] Proof of concept for Windows Messenger Service overflow

> 
> I compiled the PoC DoS with one small change so that it would accept IP
> addresses from the command line instead of recompiling per test.  I ran
> the DoS several times per OS; here are the results I got (none of the
> test systems have the KB828035 hotfix applied).
> 
> Windows 2000 Advanced Server SP4:
> System Crash: 
> http://www.jackhammer.org/exploits/ms03-043/ms03-043_2KASsp4_POC_DOS.jpg
> 
> Windows XP Gold:
> No effect
> 
> Windows XP SP1:
> No effect
> 
> Windows 2003 Server Enterprise Edition (default config):
> No effect
> 
> Windows 2003 Server Enterprise Edition (Messenger Service turned on):
> No effect
> 
> Doesn't look like this one is the silver bullet to catch them all 
> (*phew*) but it does bring us a bit closer to this hole turning ugly.
> 

