RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability

From: Curt Purdy (purdyat_private)
Date: Tue Mar 18 2003 - 15:39:36 PST


    It is actually ntdll.dll used by webdav in W2K that is the problem.
    
    Curt Purdy CISSP, MCSE+I, CNE, CCDA
    Information Security Engineer
    DP Solutions
    
    ----------------------------------------
    
    If you spend more on coffee than on IT security, you will be hacked.
    What's more, you deserve to be hacked.
    -- White House cybersecurity adviser Richard Clarke
    
    
    -----Original Message-----
    From: Nicolas Gregoire [mailto:ngregoireat_private]
    Sent: Tuesday, March 18, 2003 2:26 PM
    To: Gary O'leary-Steele
    Cc: pen-testat_private
    Subject: Re: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability
    
    
    
    > I am planning to write exploit code for the Microsoft Windows 2000 WebDAV
    > Buffer Overflow Vulnerability. However I don't have enough information about
    > the vulnerability, e.g. which webdav component is vulnerable, how it is
    > exploited i.e. where does the large string need to be to cause the overrun.
    > I don't know webdav but if I get enough information about the request I need
    > to send to the web server to cause a crash I will write some exploit code
    > (in perl) and share with the community.
    
    You could have a look at the related Nessus plugin:
    http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/iis_webdav_overflow.nasl
    
    
    Regards,
    --
    Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
    ngregoireat_private ------[ ExaProbe ]------ http://www.exaprobe.com/
    PGP KeyID:CA61B44F  FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
    
    



    This archive was generated by hypermail 2b30 : Tue Mar 18 2003 - 16:10:20 PST