Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Internet explorer Vulnerbility

from [Alexander Sotirov] Network Security [Permanent Link]
Subject: Re: Internet explorer Vulnerbility
Date: Thu, 01 Jun 2006 02:45:23 -0700 
Confirmed on a fully patched Windows XP.

It's a stack overflow in inetconn.dll, but it's most likely not exploitable
because the DLL is compiled with /GS. There are no other interesting variables
to overwrite between the buffer and the return address. Overwriting the
arguments doesn't get us anywhere either.

It would be exploitable on older systems not compiled with /GS, but the code
where the vulnerability is was added in XP SP2.

Alex
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] Joomla/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities, Yannick von Arx
Next by Date:  Corsaire Security Advisory - VMware ESX Server Cross Site Scripting issue, advisories
Previous by Thread:  Internet explorer Vulnerbility, Mr . Niega
Next by Thread:  RE: Internet explorer Vulnerbility, Peter Kruse
Indexes:  [Date] [Thread] [Top] [All Lists]