On Mar 30, 2005 3:14 AM, jamie fisher <[EMAIL PROTECTED]> wrote: > Link: http://rad.msn.com/ADSAdClient31.dll > > Description: Overflow a parameter's value > > Cause: User input length is not limited thereby enabling buffer overflows > > Worst case: Execute remote commands on the web server. Under normal > circumstances this would require compromise of the server and its contents. > Web application may not share its content. Sylvia Saint may not let me have > free free access to her private collection any more. Bill may do the > same... > > Comment: I've not run malicious code on the server. Just noticed it was > vulnerable :-) > [snip]
Please elaborate. You've provided a url to what appears to be a CGI/ISAPI resource. Did you obtain the actual dll? If so, how did you analyze it? Show us your findings. This is *full* disclosure. We want to evaluate the same information you've used to make your conclusion, so we may make our own. Thank you, Scott Edwards -- Daxal Communications - http://www.daxal.com Surf the USA - http://www.surfthe.us Don't reply to me, I read the list! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
