Does the IIS server have to have the file iisstart.asp in order for the exploit to work? or is this just an asp call to prepare the heap ----- Original Message ----- From: <dullienat_private> To: "MadHat" <madhatat_private> Cc: "Erik Parker" <eparkerat_private>; "'Marc Maiffret'" <marcat_private>; "Vuln-Dev" <vuln-devat_private> Sent: Friday, April 12, 2002 8:25 PM Subject: Re[2]: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow > Hey all, > > M> I have not been able to reproduce these results. I have managed to lock > M> up IIS (IIS 5.0 with all patches pre Apr 1, 2002), but no popup messages > M> appear and no entries in the Application Log. I have also been able get > M> the 100 Continue message (IIS 4.0 all patches pre Apr 1, 2002), but > M> still no popup or messages. > > rule of thumb : It locks up <==> Heap is corrupted <==> vulnerable > > Cheers, > dullienat_private > > -- > Mit freundlichen Grüssen > dullienat_private mailto:dullienat_private >
This archive was generated by hypermail 2b30 : Fri Apr 12 2002 - 17:09:09 PDT