Full Disclosure mailing list archives
Re: BO in http://rad.msn.com/ADSAdClient31.dll
From: Dan Becker <geggam () gmail com>
Date: Thu, 31 Mar 2005 13:44:13 -0600
Several times when accessing Hotmail while running Linux, that DLL was pushed at me. Here is a copy of one:

http:///www.bsdnixsolutions.com/ADSAdClient31.dll

<!--NOAD--><img src="http://global.msads.net/ads/defaultads/TR.gif?C=C&E=12&N=A0 3"/>

is all it contained.

On Thu, 31 Mar 2005 05:53:39 -0700, Scott Edwards <supadupa () gmail com> wrote:
> On Mar 30, 2005 3:14 AM, jamie fisher <contact_jamie_fisher () yahoo co uk> wrote:
> > Link: http://rad.msn.com/ADSAdClient31.dll
> > Description: Overflow a parameter's value
> > Cause: User input length is not limited thereby enabling buffer overflows
> > Worst case: Execute remote commands on the web server. Under normal circumstances this would require compromise of the server and its contents. Web application may not share its content. Sylvia Saint may not let me have free access to her private collection any more. Bill may do the same...
> > Comment: I've not run malicious code on the server. Just noticed it was vulnerable :-)
> [snip]
>
> Please elaborate. You've provided a url to what appears to be a CGI/ISAPI resource. Did you obtain the actual dll? If so, how did you analyze it? Show us your findings. This is *full* disclosure. We want to evaluate the same information you've used to make your conclusion, so we may make our own.
>
> Thank you,
> Scott Edwards
> --
> Daxal Communications - http://www.daxal.com
> Surf the USA - http://www.surfthe.us
> Don't reply to me, I read the list!
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- BO in http://rad.msn.com/ADSAdClient31.dll jamie fisher (Mar 30)
- <Possible follow-ups>
- BO in http://rad.msn.com/ADSAdClient31.dll jamie fisher (Mar 30)
- Re: BO in http://rad.msn.com/ADSAdClient31.dll Scott Edwards (Mar 31)
- Re: BO in http://rad.msn.com/ADSAdClient31.dll Dan Becker (Mar 31)
- Re: BO in http://rad.msn.com/ADSAdClient31.dll Thierry Zoller (Mar 31)
- Re: BO in http://rad.msn.com/ADSAdClient31.dll Dan Becker (Mar 31)
- Re: BO in http://rad.msn.com/ADSAdClient31.dll Thierry Zoller (Mar 31)
- Re: BO in http://rad.msn.com/ADSAdClient31.dll Dan Becker (Mar 31)
- Re: BO in http://rad.msn.com/ADSAdClient31.dll Scott Edwards (Mar 31)