Full Disclosure mailing list archives

LSASS.EXE Remote Buffer Overflow Investigation

From: "Richard Maudsley" <r_i_c_h_lists () btopenworld com>
Date: Wed, 14 Apr 2004 03:55:09 +0100

Hello list,

Regarding [Full-Disclosure] EEYE: Windows Local Security Authority Service
Remote Buffer Overflow
(http://archives.neohapsis.com/archives/fulldisclosure/2004-03/1994.html).

None of my systems (XP Pro, 2K, 2K3 Server) had this log file
("DCPROMO.LOG") in their %WINDOWS%\Debug directorys. I'm guessing this is
because the logging functions have never been called.

How is this (and the other affected commands) executed remotly?

Thanks,
-Rich

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

LSASS.EXE Remote Buffer Overflow Investigation Richard Maudsley (Apr 13)
- RE: LSASS.EXE Remote Buffer Overflow Investigation Jeff Schreiner (Apr 14)