Vulnerability Development mailing list archives

Re: Remote exploitation of network scanners?

From: Paul Cardon <paul () MOQUIJO COM>
Date: Fri, 25 Aug 2000 14:02:17 -0400

Lincoln Yeoh wrote:


Hypothetical scenario:
A scanner requiring remote input scans a targeted host, looking for replies.
The targeted host replies with exceptional input causing the scanner to run
arbitrary code (buffer overflow etc etc), probably with the privileges of
the user running that scanner.


Real scenario:

This happened to an early version of ISS.  I believe it was discovered
by Mudge or somebody else at the L0pht.

-paul

Current thread:

Packet Fragmentation Attacks Max (Aug 24)
- Re: Packet Fragmentation Attacks Mikael Olsson (Aug 25)
- Remote exploitation of network scanners? Lincoln Yeoh (Aug 25)
  - Re: Remote exploitation of network scanners? Paul Cardon (Aug 25)
  - Re: Remote exploitation of network scanners? Marc Maiffret (Aug 25)
  - Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 25)
    - Re: Remote exploitation of network scanners? Bluefish (P.Magnusson) (Aug 26)
    - Re: Remote exploitation of network scanners? Lincoln Yeoh (Aug 26)
    - Re: Remote exploitation of network scanners? Ricardo Anguiano (Aug 26)
    - Re: Remote exploitation of network scanners? Ryan Sweat (Aug 26)
  - Re: Remote exploitation of network scanners? Adam Prato (Aug 25)
    - Re: Remote exploitation of network scanners? Fyodor (Aug 26)
    - Re: Remote exploitation of network scanners? Marshall Beddoe (Aug 26)
  - Re: Remote exploitation of network scanners? Cashdollar, Larry (Aug 25)

(Thread continues...)