Full Disclosure mailing list archives

Re: Probes on port 389

From: "Frank Boldewin" <frank.boldewin () gmx de>
Date: Wed, 25 Feb 2004 22:49:12 +0100

hi,

i'm really sure that this is the exploit which was released by coromputer.
further i think this one only can work for imail ldap 8.
other imail versions like 6 or 7 just get DoSed, because if you wanna get a
shell
on 6 and 7, you have to place the SEH 8 bytes higher.
in addition this exploit depends on the OS version to get a shell.

greetings,
frank

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Probes on port 389 Schmehl, Paul L (Feb 24)
- Re: Probes on port 389 John Sage (Feb 24)
- Re: Probes on port 389 John Sage (Feb 25)
- RE: Probes on port 389 Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- <Possible follow-ups>
- RE: Probes on port 389 Lee Fisher (Feb 24)
- RE: Probes on port 389 Schmehl, Paul L (Feb 25)
- Re: Probes on port 389 Frank Boldewin (Feb 25)