Avirt 4.2 question

From: nicolas brulez (brulez@cartel-securite.fr)
Date: Wed Feb 20 2002 - 09:24:39 PST

Next message: Steven M. Christey: "Internet-Draft for "Responsible Disclosure Process" released"

Previous message: William D. Colburn (aka Schlake): "Re: Non existing attachments, more info"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I have seen 2 advisories for avirt 4.2 gateway.
Did they patch it without modifying the version ?
I tried the proof of concept exploit and it did nothing but close the 
server.
I wanted to trigger the buffer overflow on the web server too, in order 
to write a proof of concept exploit
but my attempts did nothhing but close the server again.. (something 
like 4000 chars)
I never managed to overwrite my EIP.(or doesn't it crash when you do it ? )
I was wondering if they patched it in a dodgy way ?
Sorry if it is not the good place for such a post ;-)

Best Regards,

Nicolas Brulez
Cartel-Securite.

Next message: Steven M. Christey: "Internet-Draft for "Responsible Disclosure Process" released"
Previous message: William D. Colburn (aka Schlake): "Re: Non existing attachments, more info"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 20 2002 - 18:01:31 PST