Metasploit mailing list archives

regarding iis50_printer_overflow


From: nulldevice83 at yahoo.com (Null Device)
Date: Sun, 10 Apr 2005 23:46:47 -0700 (PDT)

hello all,

regarding this it seems it is an exploit for IIS
printer vulnerability documented here 
http://securityfocus.com/bid/2674
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0241

Just to highlight, the references given in the msf are

['OSVDB', 548] -> is invalid, OSVDB can't find it.
['MSB', 'MS01-023'] -> states that this covers the above stated CVE no. 2001-0241
['URL', 'http://lists.insecure.org/lists/bugtraq/2001/May/0011.html'] -> points to openssl vuln mail.

I am actually confused if this exploit is for
CVE-2001-0241.

I happen to see the .pm file related to the exploit 

in exploit code we have

  $request = "GET http://$pattern/null.printer?$shellcode HTTP/1.0\r\n\r\n";

and in check code we have

  $s->Send("GET /NULL.printer\r\nHost: " . ("META" x 64) . "P\r\n\r\n");

The documented information regarding this exploit says
the problem is because of the host header being > 256.
So the check seems to be sending the correct request, whereas
I am not sure about the "sub exploit" of the .pm file,
whether the request sent from there is correct to exploit
the server.



                
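Added example, not part of the original message or of the Metasploit module: the two requests quoted above carry a host value in different places (the Host header in the check, the authority part of an absolute request URI in the exploit), so a log or proxy rule for .printer requests has to measure both. The function names, the sample requests, and the choice to apply the message's 256-byte figure to both locations are assumptions of this sketch, not a statement about how IIS parses either form.

```python
import re

HOST_LIMIT = 256  # threshold taken from the message ("host header being > 256")

def parse_request(raw: bytes):
    """Return (path, [(source, host), ...]) for one raw HTTP request."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")  # 1 byte == 1 char
    lines = head.split("\r\n")
    # Request line: METHOD SP target [SP HTTP/x.y]; the version may be absent.
    _, _, rest = lines[0].partition(" ")
    target = re.split(r" HTTP/\d", rest)[0]
    hosts = []
    m = re.match(r"(?i)https?://([^/?#]*)(.*)", target, re.S)
    if m:  # absolute-URI form: the host travels in the request line
        hosts.append(("request-uri", m.group(1)))
        target = m.group(2)
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            hosts.append(("host-header", value.strip()))
    path = re.split(r"[?#]", target, maxsplit=1)[0]
    return path, hosts

def oversized_printer_hosts(raw: bytes):
    """List (source, length) for each host value over HOST_LIMIT in a
    request whose path ends in .printer; empty list means nothing to flag."""
    path, hosts = parse_request(raw)
    if not path.lower().endswith(".printer"):
        return []
    return [(src, len(h)) for src, h in hosts if len(h) > HOST_LIMIT]

# Constructed sample requests (filler bytes only, no payload).
SAMPLES = {
    "benign": b"GET /NULL.printer HTTP/1.0\r\nHost: www.example.test\r\n\r\n",
    "long_host_header": b"GET /NULL.printer\r\nHost: " + b"META" * 64 + b"P\r\n\r\n",
    "long_uri_host": b"GET http://" + b"A" * 300 + b"/null.printer?x=1 HTTP/1.0\r\n\r\n",
    "other_path": b"GET /index.html HTTP/1.0\r\nHost: " + b"A" * 300 + b"\r\n\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:18} {oversized_printer_hosts(raw)}")
```

The "long_host_header" sample reuses the padding from the quoted check request, which is 257 bytes and so lands just over the limit.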