OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [Full-disclosure] Buffer Overflow vulnerability in Windows Display Manager [Suspected]

From: Sumit Siddharth (sumit.siddharthgmail.com)
Date: Tue Jan 03 2006 - 03:53:53 CST


I think the problem is with the intel driver and particularly with file
ialmnt5.sys
Hope it helps
Sumit

On 1/3/06, Sumit Siddharth <sumit.siddharthgmail.com> wrote:
>
> Dear All,
> Sorry for the delayed response.
> I had success in exploiting it remotely by a simple javascript
> <script>window.open("http://aa...");</script>. But i think it doesnt work
> with some drivers.I am using XP ,professional, SP2. and firefox 1.0.6. I
> am using a string of about 53,000 char to overflow the buffer.
> Thanks
> Sumit
>
>

--

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/