Network Security: Detailed info on Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability

from [gynvael] Network Security

[Permanent Link]

Subject:	Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability
Date:	23 Nov 2007 17:53:51 -0000

Hi,

On 23 Nov 2007 07:23:05 -0000,  <emacs25@gmail.com> wrote:

I was trying to confirm that, but under Windows XP MCE (lang: German and 
English) with all patches, overflows on other address. Can anybody confirm 
that?


I've tested it on VPC with Windows XP SP2 PL and I can confirm it
works as the author stated.

I agree with JohnDo, why just don't send user a specially crafted 
kernel32.dll :).

I don't. First, it's a .txt file, not a .dll file. Second, this file
is a part of emoticon sets. You do not expect emoticons to execute
some code do you ? ;>

2. Why did you wrote VERY HIGH threat? This is local buffer overflow. 
Moreover user has to
replace original file. This vulnerability has more to do with SE :(.

As far as I know the user does not have to overwrite any file. See
http://vexillium.org for a video of exploitation without replacing any
files. "Very High" might be a little to much, but just a little imho
;>


Best Regards ;>
--
gynvael.coldwind//vx

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Gadu-Gadu Local/Remote Buffer Overflow vulnerability, j00ru . vx Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, gg_vuln Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, emacs25 Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, j00ru . vx Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, gynvael <= Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, sdfkjsomcoismwevoiweo Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, emacs25 Re: Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, gynvael

Previous by Date:	Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, j00ru . vx
Next by Date:	Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, sdfkjsomcoismwevoiweo
Previous by Thread:	Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, j00ru . vx
Next by Thread:	Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability, sdfkjsomcoismwevoiweo
Indexes:	[Date] [Thread] [Top] [All Lists]