Vulnerability Development mailing list archives
All versions of Microsoft Internet Information Services, Remote buffer overflow (SYSTEM Level Access)
From: "Marc Maiffret" <marc () eeye com>
Date: Mon, 18 Jun 2001 16:54:03 -0700
I didnt want to spam you all with the full advisory but I thought you guys might like Ryan Permehs note on wide character overflow exploitation. It is in "The Exploit" section of our advisory. He talks about it in our latest IIS .ida ISAPI overflow advisory: http://www.eeye.com/html/Research/Advisories/AD20010618.html Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Web Application Firewall
Current thread:
- All versions of Microsoft Internet Information Services, Remote buffer overflow (SYSTEM Level Access) Marc Maiffret (Jun 19)