lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <DE5B0CD0A5DEE04F9147D08BF6DD21DF48F7B0@sec1svr03.SEC1SVR2003.sec-1.com>
Date: Tue, 3 Jul 2007 14:05:06 +0100
From: "Gary Oleary-Steele" <garyo@...-1.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: [Sec-1 Ltd] Buffer Truncation Abuse in Microsoft
	SQL Server Based Applications

Buffer Truncation Abuse in Microsoft SQL Server Based Applications

Release Date:	3rd July 2007
Author:		Gary O'Leary-Steele
Web Site:		www.sec-1.com

This paper is designed to document an attack technique Sec-1 recently
adopted during the course of their application assessments. The basic
principal of this technique has existed for some time; however we hope
this paper we will provide an insight of how a variation of the
technique can be adopted to attack common "forgotten password"
functionality within web applications.

Our initial intention was to release this paper along with a case study
demonstrating the flaw within a commercial application. However since
the vendor has yet to fix the flaw it was decided that an initial
censored release will be followed up with the complete release further
down the line.

The paper can be downloaded here:

http://www.sec-1labs.co.uk/papers/BTA_CensoredRelease.pdf





Sec-1 specialises in the provision of network security solutions. 
For more information on products and services we offer visit 
www.sec-1.com 
or call
0113 257 8955.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ