Ekoparty 2009 - Revese & Go Challenge Results

[Nicolas Waisman <nicolas () immunitysec com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

EkoParty Research & Go Contest

 The contest is over and we have many very interesting entries. The main
 exploitable bug was a stack overflow on a strncpy() call when two
 attributes were repeated and the content of the second was started with
 "<" and contained a string bigger than 512 characters.

 For example, the following string would trigger a crash:
 '<book name="AA" name="<%s" />' % ('A'*1024)


 The winners of the tickets for the Ekoparty 2009 are:

 1) Alfredo Ortega
 2) Cody Pierce
 3) Leandro Costantino
 4) Marc Chisinevski

Immunity would like to thank all the contestants!


Cheers,
Nico Waisman
Immunity, Inc.

PS: As a platinium sponsor at the upcoming EkoParty in downtown
Buenos Aires, Argentina, we are able to provide you with a special
discounted of a 50% on ticket price and 75% in trainings.  If you are
interested in attending this conference at the special discounted
rate, please email argentina () immunityinc com to get the registration
code needed for the discount to be applied.
Don't miss the chance to attend Immunity's 2 day Trainings "Breaking
Window" (Damian Gomez) and "Shellcode Programming" (Pablo Sole).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkqlYSAACgkQnx8KWzmcRsFTPgCglkDbSsP4xaGjxzzoW0APybye
4q0AnjN2NSROKPakClvz+BbdDWmNz31C
=wdwl
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave