Re: Another Sql Server 7 Buffer Overflow (Update)

From: c c (cesarc56at_private)
Date: Thu Mar 07 2002 - 14:35:38 PST


    Oops...
    
    SQL Server 2000, all service packs, is affected too.
    
    Try:
    
    exec xp_dirtree N'XXX...' --> exactly 260 X's
    
    The overflow will occur only if the parameter is
    passed as Unicode and the string must be
    exactly 260 in length.
    
    Special thanks to Aaron C. Newman (Application
    Security, Inc.) for pointing out to me that SQL 2000 is affected
    too and for his collaboration in tests.
    
    
    Cesar Cerrudo.
    Argentina.
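
Added example, not part of the original post: a small scanner a defender could run over captured SQL statements (a trace or audit export) to flag `xp_dirtree` calls that pass a Unicode literal of the length the post reports. Flagging 260 characters and above rather than exactly 260 is an assumption made here for conservative alerting, and the sample statements are constructed.

```python
import re

# xp_dirtree call whose first argument is a Unicode (N'...') literal.
# Inside a T-SQL literal, '' is an escaped single quote.
CALL_RE = re.compile(r"\bxp_dirtree\b\]?\s*N'((?:[^']|'')*)'", re.IGNORECASE)

# Length reported in the post; alerting on >= rather than == is an
# assumption of this example, not something the post states.
FLAG_LEN = 260


def literal_length(raw):
    """Character count of a T-SQL literal body once '' is unescaped."""
    return len(raw.replace("''", "'"))


def scan(statements, flag_len=FLAG_LEN):
    """Return (statement index, literal length) for each suspicious call.

    Only literal arguments are visible to this scan; a value passed
    through a T-SQL variable has to be caught at the server instead.
    """
    findings = []
    for idx, stmt in enumerate(statements):
        for match in CALL_RE.finditer(stmt):
            length = literal_length(match.group(1))
            if length >= flag_len:
                findings.append((idx, length))
    return findings


# Constructed sample statements (not taken from any real trace).
SAMPLE_STATEMENTS = [
    "exec xp_dirtree N'C:\\Temp'",                        # short path
    "EXEC master..xp_dirtree N'" + "A" * 260 + "'",       # reported length
    "exec xp_dirtree '" + "A" * 260 + "'",                # not Unicode
    "exec master.dbo.xp_dirtree N'" + "A" * 259 + "'",    # one short
    "exec [xp_dirtree] N'" + "A" * 300 + "'",             # longer, bracketed
]

if __name__ == "__main__":
    for idx, length in scan(SAMPLE_STATEMENTS):
        print(f"statement {idx}: xp_dirtree Unicode argument of {length} chars")
```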
    
    
    



    This archive was generated by hypermail 2b30 : Fri Mar 08 2002 - 05:07:49 PST