|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: a few bugs ...
From: Coke (Coke
TIG.COM.AU)Date: Mon Mar 20 2000 - 19:48:32 CST
- Next message: David Grimes: "Re: Update: Extending the FTP "ALG" vulnerability to any FTP clie"
- Previous message: Wasted Rock Ranger: "FW: Kewlhair Security Advisory --DSL ROUTERS"
- In reply to: Michal Zalewski: "Re: a few bugs ..."
- Next in thread: Michal Zalewski: "Re: a few bugs ..."
- Reply: Coke: "Re: a few bugs ..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michal Zalewski wrote:
>
> On Mon, 13 Mar 2000, Maurycy Prodeus wrote:
>
> > 1. In "Lotus Notes POP 1.0X" on NT platform. I'm not really sure ...
> > if you send a very long username ( about 2kb ) it disconnects without
> > any message. So it looks like classic buffer overflow :) I don't have
> > enough time to check it ( to download this packet :) )
>
> Have you noticed GPF popup or BSOD on this Windows box? Anyone may confirm
> this?
>
Just a little note: alot of windows server programs i've come accross
use their own error handlers, and mostly just silently re-init and keep
going when an overflow occurs, eg: warftpd 1.65, so just waiting for a
gpf popup or BSOD would miss quite a few.
- Next message: David Grimes: "Re: Update: Extending the FTP "ALG" vulnerability to any FTP clie"
- Previous message: Wasted Rock Ranger: "FW: Kewlhair Security Advisory --DSL ROUTERS"
- In reply to: Michal Zalewski: "Re: a few bugs ..."
- Next in thread: Michal Zalewski: "Re: a few bugs ..."
- Reply: Coke: "Re: a few bugs ..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]