Microsoft FrontPage Server Extensions SmartHTML Buffer Overflow Vulnerability

From: Gary O'leary-Steele (garyo@sec-1.com)
Date: Fri Sep 27 2002 - 06:47:23 PDT

Next message: Muhammad Faisal Rauf Danka: "Re: TCP Port 3600"

Previous message: Bharadwaj, Maninder: "[Full-Disclosure] Buffer Overrun in SmartHTML Interpreter Could Allow Code Executio n (Q324096)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello all,

I am looking for details on the recent "Microsoft FrontPage Server
Extensions SmartHTML Buffer Overflow Vulnerability" the advisory is a bit
vague and I can't work out the format of the request required to reproduce
the overflow.

I’ve tried the usual

http://target/null.shtml?AAAA>AAAA=x

http://target/AAAA>AAAA.shtml

etc but to no avail.


I need this to update our IDS system and to write exploit code for the
vulnerability (which I will share).

Any help is greatly appreciated

Kind Regards
Gary

Next message: Muhammad Faisal Rauf Danka: "Re: TCP Port 3600"
Previous message: Bharadwaj, Maninder: "[Full-Disclosure] Buffer Overrun in SmartHTML Interpreter Could Allow Code Executio n (Q324096)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Sep 27 2002 - 09:26:50 PDT