lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu Mar 31 20:44:20 2005
From: geggam at gmail.com (Dan Becker)
Subject: BO in http://rad.msn.com/ADSAdClient31.dll

several times when accessing hotmail while running linux that dll was
pushed at me

here is a copy of one 

http:///www.bsdnixsolutions.com/ADSAdClient31.dll

<!--NOAD--><img src="http://global.msads.net/ads/defaultads/TR.gif?C=C&E=12&N=A0
3"/>

is all it contained

On Thu, 31 Mar 2005 05:53:39 -0700, Scott Edwards <supadupa@...il.com> wrote:
> On Mar 30, 2005 3:14 AM, jamie fisher <contact_jamie_fisher@...oo.co.uk> wrote:
> > Link:  http://rad.msn.com/ADSAdClient31.dll
> >
> > Description:  Overflow a parameter's value
> >
> > Cause:  User input length is not limited thereby enabling buffer overflows
> >
> > Worst case:  Execute remote commands on the web server.  Under normal
> > circumstances this would require compromise of the server and its contents.
> > Web application may not share its content.  Sylvia Saint may not let me have
> > free free access to her private collection any more.  Bill may do the
> > same...
> >
> > Comment:  I've not run malicious code on the server.  Just noticed it was
> > vulnerable :-)
> >
> [snip]
> 
> Please elaborate.  You've provided a url to what appears to be a
> CGI/ISAPI resource.  Did you obtain the actual dll?  If so, how did
> you analyze it?  Show us your findings.  This is *full* disclosure.
> We want to evaluate the same information you've used to make your
> conclusion, so we may make our own.
> 
> Thank you,
> 
> Scott Edwards
> --
> Daxal Communications - http://www.daxal.com
> Surf the USA - http://www.surfthe.us
> 
> Don't reply to me, I read the list!
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ