Vulnerability Development mailing list archives
Neotrace v2.12a Buffer Overflow [?]
From: Erik Tayler <nine () 14x net>
Date: Thu, 31 Aug 2000 16:14:04 -0500
Someone sent this to us, wondering if there could be further exploitation of this buffer overflow. Since I am not an overflow guru, I decided to forward it to vuln-dev. Program error was caused after an extremely long string of [any character]. Also, the program doesn't do any checking to see if you are entering an IP address [valid or not] or domain name. We will let you buffer overflow gurus draw up conclusions about this, but in my opinion, it isn't a significant vulnerability. Neotrace [2.12a] was running on Windows 98SE when this occurred [the the best of my knowledge]. NEOTRACE caused an invalid page fault in module <unknown> at 0000:41092626. Registers: EAX=00000000 CS=0167 EIP=41092626 EFLGS=00010206 EBX=00000000 SS=016f ESP=0071f410 EBP=00ae96e0 ECX=cfb1caf0 DS=016f ESI=00431c8c FS=13b7 EDX=00000000 ES=016f EDI=00ae8b50 GS=0000 Bytes at CS:EIP: Stack dump: 352b746c 00ae9600 0071f674 00000001 546f654e 65636172 7777203a 34312e77 656e2e78 26262674 26262626 26262626 26262626 26262626 26262626 26262626 ______________________ Erik Tayler 14x Network Security http://www.14x.net
Current thread:
- Neotrace v2.12a Buffer Overflow [?] Erik Tayler (Sep 01)
- Re: Neotrace v2.12a Buffer Overflow [?] eEye Digital Security (Sep 01)
- Re: Neotrace v2.12a Buffer Overflow [?] Erik Tayler (Sep 01)
- Re: Neotrace v2.12a Buffer Overflow [?] Juliano Rizzo (Sep 02)
- <Possible follow-ups>
- Re: Neotrace v2.12a Buffer Overflow [?] Juliano Rizzo (Sep 04)
- Re: Neotrace v2.12a Buffer Overflow [?] eEye Digital Security (Sep 01)