Full Disclosure mailing list archives
Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected]
From: "ad () heapoverflow com" <ad () heapoverflow com>
Date: Mon, 02 Jan 2006 22:29:57 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 he said me offline around 52000 chars , and you do not need to press ok to trigger it, its supposed to occur when do you copy paste the chars within the area, however here nothing happen on xp sp2 en + firefox 1.5 , I can just see my AAA buffer replaced by a blank buffer once I paste it in the box.. Stan Bubrouski wrote:
Well if you look at the fact there is no title on titlebar and the fact the active tab is Untitled, I'd hazard to guess its something he manually entered into the address bar, and so we don't even know if this is exploitable by clicking a link or whatnot. Not exactly sure why this was posted if no details are provided. Anything else for us Sumit? -sb On 1/2/06, Lise Moorveld <lise_moorveld () yahoo com> wrote:Dear Sumit, Could you tell me how you exploited this buffer overflow issue in Firefox so I can try and reproduce it? I notice a lot of A's in your address bar but I'm not sure whether that's it and if so, how many A's are used. Regards, Lise --- Sumit Siddharth <sumit.siddharth () gmail com> wrote:Hi, The Windows display manager crashes when a BOF is attempted on a mozilla firefox. This has different results on different windows machine. In Windows XP only the display manager crashes , whereas on a Windows 2000 server the BSOD(Blue screen of death )appears and the system hangs. I am using Firefox 1.0.6. I think that the bug is in the display driver and not with firefox. Kindly find a screen shot attached with this email. Thanks Sumit -- Sumit Siddharth Information Security Analyst NII Consulting Web: www.nii.co.in ------------------------------------ NII Security Advisories http://www.nii.co.in/resources/advisories.html ------------------------------------_______________________________________________Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia -http://secunia.com/ __________________________________________ Yahoo! DSL ? Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ---------------------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) iQIVAwUBQ7mbVK+LRXunxpxfAQLGTxAArIU8bpjYUITigxk5qhadp68ug9qrF3Db hd/lmUF1G2R6jbG97OC9C0HkNJZdgg61xMPPlsNwBIfk7qxcMeXSE23I5y/T2nDX E4gNdiGqmhXa+maLeSYII3YqxVIeAENh6LL/oE9wiiajkrCj9QI2lcfYe6GJZkv5 yW2INyTOWt/Qca465HoV1PwTt6taO5R/AyjTKoO8PjaukUPHrMYt2tJY+p0KvrRc fpvbIXMNQ80/1gTE7KCJeMDtzeiNH8JwxebNpOyU6lcnyLtNH7FSup21DyBJWTg0 bvwpvGQetPbFhJttqtWv6tJU7vF3NE4Q6sASV2EokcjYbAkts+fkxi+zrrVhgLWA kLFpq8OVV+XxmIcR686xGnJhxnlHtrfAT8A8OFwkzvRQnsv4N6UMXXrHJFWh+uJ5 cyWMzaGdUvVkobcFwUvWyG26TsT4Nap56bi/VOVKxkyRrdVPRCTzqHL80GqBJ/I2 SQeE6Q7/b4HL8rreAvUBhP3N0zctxjUTAnfiTS7+XTYsuj8Q5UVKk9rNFRl/9pif zG5kQCEGzQmWSnMi5OfAheuVJMorb4tVta0/l5kgIas/DCv74VwQ5p7EnfBErX5p aQLia8VosnSSjPf9Yx7hzOvqQR+e8W1uIHiKXhbxGTnl/HiJvLvnqskxGwajnSPJ 10D7YhdlAHE= =/Zt9 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Buffer Overflow vulnerability in Windows Display Manager [Suspected] Sumit Siddharth (Jan 02)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] Lise Moorveld (Jan 02)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] Stan Bubrouski (Jan 02)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] InfoSecBOFH (Jan 02)
- RE: Buffer Overflow vulnerability in WindowsDisplay Manager [Suspected] Paul (Jan 03)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] ad () heapoverflow com (Jan 02)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] Sumit Siddharth (Jan 02)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] Sumit Siddharth (Jan 03)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] ad () heapoverflow com (Jan 03)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] InfoSecBOFH (Jan 03)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] InfoSecBOFH (Jan 03)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] Stan Bubrouski (Jan 02)
- Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] Lise Moorveld (Jan 02)
- <Possible follow-ups>
- Buffer Overflow vulnerability in Windows Display Manager [Suspected] casiamo (Jan 02)