Vulnerability Development mailing list archives
Re: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow
From: Maximiliano Caceres <core.lists.exploit-dev () core-sdi com>
Date: Thu, 11 Apr 2002 16:38:40 -0300
Marc Maiffret wrote:
> Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow
>
>
> Severity:
> High (Remote code execution)
> IWAM_MACHINE Privilege Level
>

I'm missing something here. In all MS02-018 code-execution vulnerabilities, IWAM_MACHINE privilege for the code is presented as a mitigation factor. Isn't it always possible to get SYSTEM from IUSR_STHG via the RevertToSelf() call? Is there a way of protecting against this?

max/

--
Maximiliano Caceres
Product Engineer
CORE SECURITY TECHNOLOGIES

Florida 141 - 2º cuerpo - 7º piso
C1005AAC Buenos Aires - Argentina
Tel/Fax: (54 11) 4878-CORE (2673)
http://www.corest.com

--- for a personal reply use: Maximiliano Caceres <maximiliano.caceres () corest com>
Current thread:
- Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow Marc Maiffret (Apr 10)
- Re: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow Maximiliano Caceres (Apr 11)
- RE: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow Ryan Permeh (Apr 11)
- <Possible follow-ups>
- RE: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow Johnson, Michael (Apr 11)
- Re: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow Maximiliano Caceres (Apr 11)