| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2be58a30601030333x3d7c4fc7v24fa1632f7be1626@mail.gmail.com>
Date: Tue Jan 3 11:33:39 2006
From: infosecbofh at gmail.com (InfoSecBOFH)
Subject: Buffer Overflow vulnerability in Windows
Display Manager [Suspected]
oh.. and by the way... only works with the intel driver (and only a
couple differnt versions) and is not exploitable... this is a DoS and
nothing more.
On 1/3/06, InfoSecBOFH <infosecbofh@...il.com> wrote:
> I have only replicated this with the intel driver. have tried others
> and no dice.
>
> On 1/3/06, Sumit Siddharth <sumit.siddharth@...il.com> wrote:
> > I think the problem is with the intel driver and particularly with file
> > ialmnt5.sys
> > Hope it helps
> > Sumit
> >
> >
> >
> >
> > On 1/3/06, Sumit Siddharth <sumit.siddharth@...il.com > wrote:
> > > Dear All,
> > > Sorry for the delayed response.
> > > I had success in exploiting it remotely by a simple javascript
> > > <script>window.open("http://aa...");</script>. But i think it doesnt work
> > with some drivers.I am using XP ,professional, SP2. and firefox 1.0.6. I am
> > using a string of about 53,000 char to overflow the buffer.
> > > Thanks
> > > Sumit
> > >
> > >
> >
> >
> >
> > --
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter:
> > http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
>
Powered by blists - more mailing lists