Vulnerability Development mailing list archives

Re: cipher.exe overflow

From: "moran zavdi" <moraniam () hotmail com>
Date: Wed, 23 Apr 2003 23:03:14 +0000

Hi,

I saw this discussion that's why i had doubts if i should publish thisoverflow.

But, can you compare cipher to nslookup ?
cipher.exe is part of the EFS.
Because its such important file ive decided to write about it.

who knows, maybe someone here will be able to exploit it and find somethingbig.


Regards,
Moran.

From: "K. K. Mookhey" <cto () nii co in>
Subject: Re: cipher.exe overflow
Date: Wed, 23 Apr 2003 11:05:39 +0530

Hi Moran,
Windows 2000 is full of local buffer overflows. We too reported a couple toMS, and then stopped looking. There was a discussion some time back onNslookup having a local BO. I think the thread is here:
http://www.securityfocus.com/archive/82/315781

K. K. Mookhey
CTO,
Network Intelligence India Pvt. Ltd.
Web: www.nii.co.in
=================================
Security Auditing Software - AuditPro
http://www.nii.co.in/products.html
=================================



_________________________________________________________________

The new MSN 8: advanced junk mail protection and 2 months FREE*http://join.msn.com/?page=features/junkmail

Current thread:

cipher.exe overflow moran zavdi (Apr 22)
- Re: cipher.exe overflow K. K. Mookhey (Apr 23)
- <Possible follow-ups>
- Re: cipher.exe overflow moran zavdi (Apr 24)
  - Re: cipher.exe overflow (runas.exe) wirepair (Apr 28)