ISA Server update..

From: Barnaby Jack (dspyritat_private)
Date: Fri Apr 27 2001 - 19:19:45 PDT

Next message: Linux Mandrake Security Team: "MDKSA-2001:043 - rpmdrake update"

Previous message: Solar Designer: "Re: x86 vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We've now had the opportunity to do some testing on different
hosts/configurations... the results differed from ours but yet still
provided exploitable conditions.

The breaks this time were during calls to RtlAllocateHeap and RtlFreeHeap -
with careful register manipulation it is STILL possible to execute custom
code.

More detailed info later.

-dark spyrit.

Next message: Linux Mandrake Security Team: "MDKSA-2001:043 - rpmdrake update"
Previous message: Solar Designer: "Re: x86 vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Apr 28 2001 - 09:54:16 PDT