| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9CA621425D6EAE4FBBD29326CC7D1106092F8C@unity-svr.Unity.local> Date: Tue Jan 10 14:57:40 2006 From: Ed at unityitservices.co.uk (Edward Pearson) Subject: PoC for the 2 new WMF vulnerabilities (DoS) As far as I can tell this isn't exploitable, can I get a second on that? ________________________________ From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Drew Masters Sent: 10 January 2006 12:20 To: Andrey Bayora Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS) Not sure if it's been previously mentioned... It's possible to cause similiar crashes by making a malformed call to startdoc instead of setabortproc with 64bytes of garbage data. Cheers Drew On 09/01/06, Andrey Bayora <andrey@...urityelf.org> wrote: Hello list, In case, someone interested: Here is the PoC for the 2 new WMF vulnerabilities discovered by cocoruder (http://ruder.cdut.net) and does not covered by MS06-001. You can download WMF images at: http://www.securityelf.org/files/WMF-DoS.rar Regards, Andrey. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060110/cb4b8d33/attachment.html
Powered by blists - more mailing lists