|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: koules buffer overflows
From: typo
INFERNO.TUSCULUM.EDUDate: Fri Apr 21 2000 - 21:37:13 CDT
- Next message: Zoa_Chien: "Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions."
- Previous message: Ron DuFresne: "Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions."
- In reply to: typoINFERNO.TUSCULUM.EDU: "Re: koules buffer overflows"
- Reply: typoINFERNO.TUSCULUM.EDU: "Re: koules buffer overflows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, Apr 22, 2000 at 02:35:09AM +0200, typoINFERNO.TUSCULUM.EDU wrote:
> 00000000081aa660 g O .bss 0000000000000004 buffer
> 00000000081aa664 g O *ABS* 0000000000000000 _end
> well.. in this special case i don't see much you can do.. servername is
> near the end of the section, all you can overwrite is b and buffer.
> i haven't looked at their specific uses, but looking at their names i doubt
> they'll be useful.
sorry for replying to my own mail.. but as soon as my own mail popped up
in my inbox, i realized what nonsense i wrote:
objectsio.c:
unsigned char b[256];
unsigned char *buffer;
of course you can make buffer point anywhere in memory you like and probably
have lots of fun with it. stupid me...
typo
- Next message: Zoa_Chien: "Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions."
- Previous message: Ron DuFresne: "Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions."
- In reply to: typoINFERNO.TUSCULUM.EDU: "Re: koules buffer overflows"
- Reply: typoINFERNO.TUSCULUM.EDU: "Re: koules buffer overflows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]