Full Disclosure mailing list archives
Re[2]: Frontpage Extensions Remote Command Execution
From: Adik <netninja () hotmail kg>
Date: Fri, 14 Nov 2003 01:20:00 +0600
Hello Nick, Thursday, November 13, 2003, 3:14:40 AM, you wrote: NJ> Has anyone even had any luck reproducing this? I can't for the life of NJ> me get a crash... NJ> -----Original Message----- NJ> From: Geo. NJ> Sent: Wed 11/12/2003 11:41 AM NJ> To: full-disclosure () lists netsys com NJ> Cc: NJ> Subject: RE: [Full-disclosure] Frontpage Extensions Remote NJ> Command Execution NJ> >> NJ> Well, for one, it's not root level. It allows ANONYMOUS (Guest) NJ> access NJ> << NJ> No it's not, IWAM is Web Applications MANAGER account you were NJ> thinking of NJ> IUSR perhaps? This is not guest. This account can change NJ> websites so in a NJ> multi host environment this level of access will allow a NJ> compromise of every NJ> website on the server. NJ> Geo. (I'd call that root) NJ> _______________________________________________ NJ> Full-Disclosure - We believe in it. NJ> Charter: http://lists.netsys.com/full-disclosure-charter.html What i learned from this overflow was that there is a difference between sending 500 'A's and sending 500 'X's. sending 500 'A' even more doesn't trigger access violation on dllhost process. however if u send 500 'X's u'll get acces violation. well at least thats what i noticed. maybe i'm wrong. so sometimes sendin different strings might generate different results. -- Best regards, Adik mailto:netninja () hotmail kg _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Frontpage Extensions Remote Command Execution, (continued)
- RE: Frontpage Extensions Remote Command Execution Geo. (Nov 12)
- RE: Frontpage Extensions Remote Command Execution mattmurphy () kc rr com (Nov 12)
- RE: Frontpage Extensions Remote Command Execution Geo. (Nov 12)
- Re: Frontpage Extensions Remote Command Execution Damian Gerow (Nov 12)
- Re: Frontpage Extensions Remote Command Execution Paul Schmehl (Nov 12)
- Re: Frontpage Extensions Remote Command Execution Damian Gerow (Nov 12)
- Re: Frontpage Extensions Remote Command Execution Ricky Blaikie (Nov 12)
- RE: Frontpage Extensions Remote Command Execution mattmurphy () kc rr com (Nov 12)
- Re: Frontpage Extensions Remote Command Execution Geoincidents (Nov 12)
- RE: Frontpage Extensions Remote Command Execution Nick Jacobsen (Nov 12)
- Re[2]: Frontpage Extensions Remote Command Execution Adik (Nov 13)
- RE: Frontpage Extensions Remote Command Execution Marc Maiffret (Nov 13)