Full Disclosure mailing list archives

Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security)

From: "morning_wood" <se_cur_ity () hotmail com>
Date: Fri, 30 Apr 2004 07:51:45 -0700

Hi morning wood. Aren't you the guy who ran a vulnerable demo version
of some windows ircd for your "security team"? Oh no.... maybe someday
you might be important enough to be Rosiello Jr Security Analyst.

no, i ran a personal IRCD that was attacked by the by the precursor of msblaster
( proc32.exe ) and it was a DoS to my connection, not a buggy IRCD.
details may be read at
http://exploitlabs.com/attack/RPC-DCOM-DD0S-attack.txt
or
http://lists.virus.org/dw-0day-0308/msg00001.html
or
http://www.blacksheepnetworks.com/security/security/fulldisc/5779.html

get you facts straight mmmk

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) Slotto Corleone (Apr 29)
- Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) Richard Johnson (Apr 29)
  - Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) Slotto Corleone (Apr 30)
- <Possible follow-ups>
- H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) Slotto Corleone (Apr 29)
  - Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) morning_wood (Apr 29)
    - Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) Slotto Corleone (Apr 30)
    - Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) morning_wood (Apr 30)
  - Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) 3APA3A (Apr 30)
    - Re: H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security) Slotto Corleone (Apr 30)