Vulnerability Development mailing list archives
Re: Neotrace v2.12a Buffer Overflow [?]
From: Juliano Rizzo <jrz () MAIL RU>
Date: Fri, 1 Sep 2000 21:53:29 -0300

Looking at your messages seems to be enough to determine that the overflow is exploitable because EIP was overwritten with 0x26 (& sign) and that char is also on the stack dump.

I recently downloaded this funny program. You didn't say where the overflow is; my first try was typing a long (not so long: 240) string on the address field and it crashed. This is a real overflow and it's possible to execute arbitrary code.

But who wants to exploit this program locally? I think this particular bug isn't dangerous. It would be a problem if the same overflow occurs when the program resolves domain names or requests any other information from a remote non-trusted source.

--
Juliano Rizzo <juliano () core-sdi com>
http://julianor.tripod.com
http://www.core-sdi.com

--
Juliano Rizzo <julianorizzo () ciudad com ar>
[PGP key available on servers]
PGP DH/DSS 1024/2048 Fingerprint: 0739 CA21 677F E847 4D8C 720D E5C1 2329 0344 3CD6

Current thread:
- Neotrace v2.12a Buffer Overflow [?] Erik Tayler (Sep 01)
- Re: Neotrace v2.12a Buffer Overflow [?] eEye Digital Security (Sep 01)
- Re: Neotrace v2.12a Buffer Overflow [?] Erik Tayler (Sep 01)
- Re: Neotrace v2.12a Buffer Overflow [?] Juliano Rizzo (Sep 02)
- <Possible follow-ups>
- Re: Neotrace v2.12a Buffer Overflow [?] Juliano Rizzo (Sep 04)
- Re: Neotrace v2.12a Buffer Overflow [?] eEye Digital Security (Sep 01)