Network Security: Detailed info on [Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

[Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer

from [Brett Glass] Network Security

[Permanent Link]

Subject:	[Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer overflow
Date:	Sat, 25 Dec 2004 12:36:16 -0700

I don't see why one would need a script to exploit the hole.

In any event, I'd like to shim the API to catch this bug, since the fat and 
sassy millionaire
monopolists at Microsoft are unlikely to get off their derrieres to fix the bug 
during
Christmas. Unfortunately, it's part of a big system DLL with tons of entry 
points. How best to 
shim it?

--Brett

At 07:19 PM 12/24/2004, flashsky wrote:

   This vul can be exploited, at 
http://www.xfocus.net/flashsky/icoExp/index.html ,i give a test exp(open 
28876 port) for windows xp sp1, but it need html sctipt run and allocate 
memory.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer overflow, flashsky [Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer overflow, Brett Glass <= Message not available Re: [Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer overflow, Brett Glass Re: Microsoft Windows LoadImage API IntegerBuffer overflow, Berend-Jan Wever

Previous by Date:	[Full-Disclosure] (no subject), class 101
Next by Date:	Re: [Full-Disclosure] new phpBB worm affects 2.0.11, Andrew Farmer
Previous by Thread:	[Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer overflow, flashsky
Next by Thread:	Re: [Full-Disclosure] Re: Re: Microsoft Windows LoadImage API Integer Buffer overflow, Brett Glass
Indexes:	[Date] [Thread] [Top] [All Lists]