several times when accessing hotmail while running linux that dll was pushed at me
here is a copy of one http:///www.bsdnixsolutions.com/ADSAdClient31.dll

<!--NOAD--><img src="http://global.msads.net/ads/defaultads/TR.gif?C=C&E=12&N=A0 3"/>

is all it contained

On Thu, 31 Mar 2005 05:53:39 -0700, Scott Edwards <[EMAIL PROTECTED]> wrote:
> On Mar 30, 2005 3:14 AM, jamie fisher <[EMAIL PROTECTED]> wrote:
> > Link: http://rad.msn.com/ADSAdClient31.dll
> >
> > Description: Overflow a parameter's value
> >
> > Cause: User input length is not limited thereby enabling buffer overflows
> >
> > Worst case: Execute remote commands on the web server. Under normal
> > circumstances this would require compromise of the server and its contents.
> > Web application may not share its content. Sylvia Saint may not let me have
> > free free access to her private collection any more. Bill may do the
> > same...
> >
> > Comment: I've not run malicious code on the server. Just noticed it was
> > vulnerable :-)
> >
> [snip]
>
> Please elaborate. You've provided a url to what appears to be a
> CGI/ISAPI resource. Did you obtain the actual dll? If so, how did
> you analyze it? Show us your findings. This is *full* disclosure.
> We want to evaluate the same information you've used to make your
> conclusion, so we may make our own.
>
> Thank you,
>
> Scott Edwards
> --
> Daxal Communications - http://www.daxal.com
> Surf the USA - http://www.surfthe.us
>
> Don't reply to me, I read the list!
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
