RE: ASP code testing

["Omar Koudsi" <omark () jeeran com>]

No, this is not a buffer over-flow. The errors you are getting are standard
DB error for not found records or illegal numbering

-----------
Omar Koudsi
IT Architect
Network Security Center
Special Systems Company
http://security.sscjo.com
omark () sscjo com
Tel: (9626) 5664221
Fax: (9626) 5681557

-----Original Message-----
From: Dan Richardson [mailto:dan.richardson () paradise net nz]
Sent: Sun, November 18, 2001 1:00 AM
To: pen-test () securityfocus com
Subject: ASP code testing


I'm currently testing some ASP code on an e-commerce site. My question
is could this be used to execute a buffer overflow exploit?

The following URL:

http://www.asite.com/show/showsomething.asp?ID=5

Will retrieve a legitmate item from the database. By playing with the
number a bit-

http://www.asite.com/show/showsomething.asp?ID=32767

Will generate

ADODB.Field error '80020009'

Either BOF or EOF is True, or the current record has been deleted.
Requested operation requires a current record.

But if I bump that number up to 32768 (unsigned integer limit)-

Microsoft VBScript runtime error '800a0006'

Overflow: 'cint'

/show/showsomething.asp, line x


Thanks

Dan



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/