Vulnerability Development mailing list archives

Local Bufferoverflow in OutlookExpress


From: -No Strezzz Cazzz <Butterphly6 () CAZZZ DEMON NL>
Date: Mon, 19 Mar 2001 15:35:49 +0100

Made in Holland
PCP/A #0005 (pr0ph)


Local Bufferoverflow in OutlookExpress

Proved Vulnerable: OutlookExpress 4.72
Posted To: Bugtraq/Vuln-Dev mailinglists & Packetstorm



A buffer will overflow if your "Newsgroups:" field contains more than 700 chars. OE will close down with the following "Dr. Watson for Windows NT" message:

"An application error has occured

and an application error log is being generated

msmn.exe
Exception access violation (0xc00000005), Address: 0x77f64d28"

This will also create a USER.DMP file in your WINNT directory. This file can be used to extract passwords; see my previous message to Bugtraq called "NT stores passwords in plaintext (sp00ky)".


Another fine Planet Cazzz Production/Advisory, in association with The Nations Top. We cannot be held responsible for your actions, but you can try. Made in Holland. PCP/A #0005 (pr0ph)


We want to say hell0 to all the Crackers, the Hackers and the Phreax. We want to say hell0 to all the people in this place. We want to say hell0 to all the Sinners and 31337. We say hell0 to all the people in the world...



-No Strezzz Cazzz, Powered By UN0X

Vengeance is here, it's time to resurrect. Anger without phear....The
Bulld0zer Project !
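
An added example, not part of the original post: a screening check that a news or mail gateway could run on raw articles to flag a "Newsgroups:" value longer than the 700 characters the advisory reports. The function names, the sample article and the handling of folded continuation lines are assumptions of this sketch, not a description of how Outlook Express parses the header.

```c
#include <ctype.h>
#include <string.h>

#define NEWSGROUPS_LIMIT 700   /* length reported in the advisory */

/* Constructed sample article with a folded Newsgroups header (value length 21). */
const char SAMPLE_ARTICLE[] =
    "From: a@example.invalid\r\nNewsgroups: alt.test,\r\n alt.example\r\n\r\nbody\r\n";

/* Length of the line at p without its CR/LF; *next is set to the following line. */
static size_t line_len(const char *p, const char **next)
{
    size_t n = strcspn(p, "\n");
    *next = p[n] ? p + n + 1 : p + n;
    if (n > 0 && p[n - 1] == '\r') n--;
    return n;
}

/* Case-insensitive test for "<name>:" at the start of a line of length n. */
static int is_header(const char *p, size_t n, const char *name, size_t nlen)
{
    if (n <= nlen || p[nlen] != ':') return 0;
    for (size_t i = 0; i < nlen; i++)
        if (tolower((unsigned char)p[i]) != tolower((unsigned char)name[i]))
            return 0;
    return 1;
}

/* Unfolded length of the named header's value, or -1 if it is absent.
 * Only the header block (up to the first empty line) is examined. */
long header_body_length(const char *msg, const char *name)
{
    size_t nlen = strlen(name);
    const char *p = msg, *next;
    for (; *p && *p != '\r' && *p != '\n'; p = next) {
        size_t n = line_len(p, &next);
        if (!is_header(p, n, name, nlen)) continue;
        size_t skip = nlen + 1;                 /* skip "name:" and leading blanks */
        while (skip < n && (p[skip] == ' ' || p[skip] == '\t')) skip++;
        long total = (long)(n - skip);
        while (*next == ' ' || *next == '\t')   /* folded continuation lines */
            total += (long)line_len(next, &next);
        return total;
    }
    return -1;
}

/* Nonzero when the Newsgroups value exceeds the length reported in the advisory. */
int newsgroups_too_long(const char *msg)
{
    return header_body_length(msg, "Newsgroups") > NEWSGROUPS_LIMIT;
}
```

Counting continuation lines matters here: a value split across several short lines stays under any per-line limit while the unfolded field is still longer than 700 characters.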

