Vulnerability Development mailing list archives
Re: Remote exploitation of network scanners?
From: Paul Cardon <paul () MOQUIJO COM>
Date: Fri, 25 Aug 2000 14:02:17 -0400
Lincoln Yeoh wrote:
Hypothetical scenario: A scanner requiring remote input scans a targeted host, looking for replies. The targeted host replies with exceptional input causing the scanner to run arbitrary code (buffer overflow etc etc), probably with the privileges of the user running that scanner.
Real scenario: This happened to an early version of ISS. I believe it was discovered by Mudge or somebody else at the L0pht. -paul
Current thread:
- Packet Fragmentation Attacks Max (Aug 24)
- Re: Packet Fragmentation Attacks Mikael Olsson (Aug 25)
- Remote exploitation of network scanners? Lincoln Yeoh (Aug 25)
- Re: Remote exploitation of network scanners? Paul Cardon (Aug 25)
- Re: Remote exploitation of network scanners? Marc Maiffret (Aug 25)
- Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 25)
- Re: Remote exploitation of network scanners? Bluefish (P.Magnusson) (Aug 26)
- Re: Remote exploitation of network scanners? Lincoln Yeoh (Aug 26)
- Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 26)
- Re: Remote exploitation of network scanners? Ryan Sweat (Aug 26)
- Re: Remote exploitation of network scanners? Adam Prato (Aug 25)
- Re: Remote exploitation of network scanners? Fyodor (Aug 26)
- Re: Remote exploitation of network scanners? Marshall Beddoe (Aug 26)
- Re: Remote exploitation of network scanners? Cashdollar, Larry (Aug 25)