funsec mailing list archives

Previous By Date Next
Previous By Thread Next

One For The Gipper - VNC Client PoC Exposed

From: Don Kennedy <zoverlords () yahoo com>
Date: Wed, 12 Apr 2006 08:14:50 -0700 (PDT)
Quote:
   
  "Though the Server appears safe against remote code execution, the client exploitation is trivial with OllyDbg. 
  
The following POC binds to port 5900 and executes a buffer overflow on vulnerable clients that connect. The client 
machine will then spawn an instance of calc.exe."
   
  http://www.securityfocus.com/archive/1/430711/30/0/threaded
   
  Can anybody come up with some other USEFUL things to launch on people scanning port 5900 other than calc.exe? LOL


                        
---------------------------------
Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: