Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 3COM TFTPD Overflow: SEH Overwrite

From: the_insider () mail com
Date: 31 Jan 2008 02:24:30 -0000
On XP SP2 the module "ws2_32.dll" was compiled with SafeSEH, so you can't use it to execute code by overwriting the SEH 
handler to point into it. You can see which modules are SafeSEH enabled and which aren't by using this OllyPlugin at:
http://www.openrce.org/downloads/details/244/OllySSEH
Previous By Date Next
Previous By Thread Next

Current thread: