Bugtraq mailing list archives

Re: BrightStor ARCserve Backup buffer overflow PoC

From: H D Moore <sflist () digitaloffense net>
Date: Fri, 11 Feb 2005 17:49:22 -0600

Is this for the same flaw detailed at the URL below? The iDefense bug 
seems to be in the UDP service, but this affects the TCP service...

 http://www.idefense.com/application/poi/display?id=194&type=vulnerabilities

We just posted an exploit for the UDP overflow (thanks Syscall) to the 
metasploit.com web site, it does not seem like the same vulnerability:

 http://metasploit.com/projects/Framework/exploits.html#cabrightstor_disco

-HD

On Friday 11 February 2005 12:19, cybertronic () gmx net wrote:

//cybertronic () gmx net

#define PORT 41523

Current thread:

BrightStor ARCserve Backup buffer overflow PoC cybertronic (Feb 11)
- Re: BrightStor ARCserve Backup buffer overflow PoC H D Moore (Feb 12)
- Re: BrightStor ARCserve Backup buffer overflow PoC H D Moore (Feb 14)
- <Possible follow-ups>
- Re: BrightStor ARCserve Backup buffer overflow PoC Williams, James K (Feb 16)