lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri Dec 16 15:00:19 2005 From: fdlist at digitaloffense.net (H D Moore) Subject: iDEFENSE Security Advisory 12.06.05: Ipswitch This may not be a limitation if you can use the argument-skipping syntax in msvcrt (ie. %4000$x). -HD On Friday 16 December 2005 08:32, FistFucker wrote: >I don't think it's > exploitable because the user controlled string is >many thousand bytes away from the stack pointer and you can only send 512 >bytes to the SMTP daemon. [snip] > If someone was able to exploit this, I would be interested in exploit > code or an explanation to learn from him.
Powered by blists - more mailing lists