| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <00e001c60252$ac333a10$14b2a8c0@9f3k0vn7cd6k31j> Date: Fri Dec 16 15:09:24 2005 From: FistFuXXer at gmx.de (FistFucker) Subject: iDEFENSE Security Advisory 12.06.05: Ipswitch I've already tryed this but argument-skipping isn't supported by the called function. -FistFucker (aka FistFuXXer) ----- Original Message ----- From: "H D Moore" <fdlist@...italoffense.net> To: <full-disclosure@...ts.grok.org.uk> Sent: Friday, December 16, 2005 3:59 PM Subject: Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch > This may not be a limitation if you can use the argument-skipping syntax > in msvcrt (ie. %4000$x). > > -HD > > On Friday 16 December 2005 08:32, FistFucker wrote: > >I don't think it's > exploitable because the user controlled string is > >many thousand bytes away from the stack pointer and you can only send 512 > >bytes to the SMTP daemon. > [snip] > > If someone was able to exploit this, I would be interested in exploit > > code or an explanation to learn from him. > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists