Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SV: The French BUGTRAQ

From: Cesar <cesarc56 () yahoo com>
Date: Fri, 25 Jul 2003 09:16:42 -0700 (PDT)
Here is what it looks like The Analysis of LSD's
Buffer Overrun in Windows RPC Interface

http://www.xfocus.org/documents/200307/2.html

Cesar.
--- Peter Kruse <kruse () krusesecurity dk> wrote:

Hi,

From the code:
RPC DCOM overflow Vulnerability discoveried by LSD
Code by FlashSky,Flashsky xfocus
org,benjurry,benjurry xfocus org

It sure looks like it ... Better patch up.

Med venlig hilsen // Kind regards

Peter Kruse
Kruse Security
http://www.krusesecurity.dk

-----Oprindelig meddelelse-----
Fra: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] På
vegne af D C
Sendt: 25. juli 2003 15:31
Til: full-disclosure () lists netsys com
Emne: Re: [Full-Disclosure] The French BUGTRAQ



I noticed there is a an exploit in the archive at
http://www.K-otiK.com
titled "MS Windows RPC DCOM Interface Buffer
Overflow Exploit" (the file
itself is 07.21.MS03-026.c).  I have not had a
chance to review the code
closely, yet... is this an exploit based on the
Windows RPC advisory
released by The Last Stage of Delirium recently?




Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.

_______________________________________________
Full-Disclosure - We believe in it.
Charter:

http://lists.netsys.com/full-disclosure-charter.html


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: