From: Golden_Eternity (bhodiBIGFOOT.COM)
Date: Sat Apr 07 2001 - 15:04:47 CDT

    > -----Original Message-----
    > From: VULN-DEV List [mailto:VULN-DEVSECURITYFOCUS.COM]On Behalf Of -No Strezzz Cazzz
    > Sent: Friday, April 06, 2001 3:57 AM
    > To: VULN-DEVSECURITYFOCUS.COM
    > Subject: Local Bufferoverflow/Vulnerability in Ping.exe
    >
    >
    > Made in Holland
    > PCP/A #0009 (pr0ph)
    >
    >
    >
    > Local Bufferoverflow/Vulnerability in Ping.exe
    >
    > The version of Ping that is shipped with Windows NT (possibly works on 9x
    > and ME too) contains a buffer that can be overflowed which will result (once
    > again) in the Denial of Service of: Outlook Express & Dial-up Networking.
    >

    This does not seem to affect Windows 98SE with current patches. There was no
    change when the command was run prior to opening Outlook, as in the case of the
    telnet.exe overflow.

    Also, command.com seems to place a limit on the length of a command; in the
    second example below, I actually pasted 300 a's, but command.com seems to
    have cut it off somewhere around 122 a's.

    C:\WINDOWS\Desktop>ping
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com
    Unknown host
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com.

    C:\WINDOWS\Desktop>ping
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    Unknown host
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.