funsec mailing list archives
One For The Gipper - VNC Client PoC Exposed
From: Don Kennedy <zoverlords () yahoo com>
Date: Wed, 12 Apr 2006 08:14:50 -0700 (PDT)
Quote: "Though the Server appears safe against remote code execution, the client exploitation is trivial with OllyDbg. The following POC binds to port 5900 and executes a buffer overflow on vulnerable clients that connect. The client machine will then spawn an instance of calc.exe." http://www.securityfocus.com/archive/1/430711/30/0/threaded Can anybody come up with some other USEFUL things to launch on people scanning port 5900 other than calc.exe? LOL --------------------------------- Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- One For The Gipper - VNC Client PoC Exposed Don Kennedy (Apr 12)