Full Disclosure mailing list archives
Re: KCSEC-00000001-ServUWebClient
From: Megumi Yanagishita <megumi1990 () gmail com>
Date: Wed, 4 Nov 2009 07:57:21 +0800
If you are about to exploit this bug with ollydbg and a /SafeSEH scanner plug-in which could be found at: http://www.openrce.org/downloads/details/244/OllySSEH I think you may need to change line 516 of ollysseh.c from *free(lpDD);* to *else free(lpLCD);* and re-compile it. Or you may find your ollydbg crashes once it runs the original OllySSEH.dll plug-in. Thanks, M. Yanagishita On Mon, Nov 2, 2009 at 6:18 AM, Nikolaos Rangos <nikolaos () rangos de> wrote:
Hello list, the vulnerability named "RhinoSoft.com Serv-U 9.0.0.5 WebClient Remote Buffer Overflow" can be found at http://www.rangos.de/ServU-ADV.txt. Best Regards, Nikolaos Rangos _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- KCSEC-00000001-ServUWebClient Nikolaos Rangos (Nov 02)
- Re: KCSEC-00000001-ServUWebClient Megumi Yanagishita (Nov 03)