Vulnerability Development mailing list archives
Re: Buffer overflow in Microsoft ftp.exe
From: "D.C. van Moolenbroek" <dc.van.moolenbroek () chello nl>
Date: Wed, 30 Apr 2003 23:49:48 +0200
"aT4r InsaN3" wrote:
if an attacker with axx to the system is able to modify the scriptfile he can modify the script and place an evil command Quote AAAAAA..SHELLCODE... and execute code with elevated privileges.
Yes, but since he can also use the ftp client's built-in "!" command to execute shell commands in that case, this does not seem to be a very realistic scenario? Regards, David -- class sig{static void main(String[]s){for// D.C. van Moolenbroek (int _=0;19>_;System.out.print((char)(52^// (CS student, VU, NL) "Y`KbddaZ}`P#KJ#caBG".charAt(_++)-9)));}}// -Java sigs look bad-
Current thread:
- Buffer overflow in Microsoft ftp.exe aT4r InsaN3 (Apr 30)
- Re: Buffer overflow in Microsoft ftp.exe D.C. van Moolenbroek (Apr 30)
- <Possible follow-ups>
- Re: Buffer overflow in Microsoft ftp.exe rdusek (Apr 30)