Hi, at4r wrote: > while testing a few days ago how to reproduce the lastest mdac rds > vulnerability i found that a specially malformed http request to an IIS > Webserver can allow a buffer overflow. * I don't see a crash * I don't see "big CPU consume". If I flood with this at 2.8MB/s (!) I get ~25% CPU usage @ AMD 1800+. * You can get the same thing with: perl -e 'print "A"x200000'|nc <IP> 80 Cya, Bram Matthys (Syzop).
This archive was generated by hypermail 2b30 : Tue Dec 03 2002 - 20:40:22 PST