Full Disclosure mailing list archives
[Sec-1 Ltd] Buffer Truncation Abuse in Microsoft SQL Server Based Applications
From: "Gary Oleary-Steele" <garyo () sec-1 com>
Date: Tue, 3 Jul 2007 14:05:06 +0100
Buffer Truncation Abuse in Microsoft SQL Server Based Applications Release Date: 3rd July 2007 Author: Gary O'Leary-Steele Web Site: www.sec-1.com This paper is designed to document an attack technique Sec-1 recently adopted during the course of their application assessments. The basic principal of this technique has existed for some time; however we hope this paper we will provide an insight of how a variation of the technique can be adopted to attack common "forgotten password" functionality within web applications. Our initial intention was to release this paper along with a case study demonstrating the flaw within a commercial application. However since the vendor has yet to fix the flaw it was decided that an initial censored release will be followed up with the complete release further down the line. The paper can be downloaded here: http://www.sec-1labs.co.uk/papers/BTA_CensoredRelease.pdf Sec-1 specialises in the provision of network security solutions. For more information on products and services we offer visit www.sec-1.com or call 0113 257 8955. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [Sec-1 Ltd] Buffer Truncation Abuse in Microsoft SQL Server Based Applications Gary Oleary-Steele (Jul 03)