Re: Windows 2000 .printer remote overflow proof of concept exploit

From: David Litchfield (mnemonixat_private)
Date: Wed May 02 2001 - 06:23:31 PDT

    Matt Power <mhpowerat_private>
    
    
    > >        ... , will create a file called www.eEye.com.txt on the root of
    > >drive c.
    > >                 ... This proof of concept exploit is not to be used as a
    > >method of testing to see if you're vulnerable or not.
    >
    > In some environments, security staff may be responsible for
    > identifying which IIS 5.0 servers, out of a large collection of them,
    > still do not have a fix in place for this vulnerability. The security
    > staff may not have any convenient way to check for the existence of
    
    Snip
    
    My suggestion a while back, when the IIS htr overflow first arrived, was to
    code up an exploit that downloads and installs the patch from a server
    certified (by yourself) as safe. This way you kill two birds with one stone
    ;-)
    Cheers,
    David Litchfield
    


