Metasploit mailing list archives
IMail 2006 and 8.x RCPT TO Stack Overflow
From: Glinares at PCOnsite.com (Greg Linares)
Date: Fri, 20 Oct 2006 09:14:09 -0700
Thank you, yeah milw0rm posted the exploit yesterday @ http://www.milw0rm.com/exploits/2601 i left a variable error on this line : strcat(overflow, WinSKF); should be strcat(overflow, Win2KF); silly me for depending on my compiler to catch everything :) the MSF version should be much nicer to use :) I was actually testing it on a bought version let me see if i could dig up a trial version of it somewhere, the company is only offering 2006.1 for free trial download which was compiled with the /GS option i believe. And the one 8.x demo I found included the HotFix with it (which results in a DoS of the service instead of code execution) And your opcode site is a very nice one, wish i would have gotten to use it. Theres always next exploit. -----Original Message----- From: Jerome Athias [mailto:jerome.athias at free.fr] Sent: Friday, October 20, 2006 3:14 AM To: Glinares at PCOnsite.com Subject: Re: [framework] IMail 2006 and 8.x RCPT TO Stack Overflow Hi Greg, first, congratulations for your exploit code Could it be possible to obtain a link to the vulnerable (trial) version to add it here: https://www.securinfos.info/old_softwares_vulnerable.php Sure a msf module will be nice ;-) Thanks /JA This could also interest you: https://www.securinfos.info/international-opcodes/index.php
Current thread:
- IMail 2006 and 8.x RCPT TO Stack Overflow Greg Linares (Oct 20)
- <Possible follow-ups>
- IMail 2006 and 8.x RCPT TO Stack Overflow Greg Linares (Oct 23)
- IMail 2006 and 8.x RCPT TO Stack Overflow H D Moore (Oct 23)
- IMail 2006 and 8.x RCPT TO Stack Overflow Greg Linares (Oct 23)
- IMail 2006 and 8.x RCPT TO Stack Overflow H D Moore (Oct 23)