Gr�gory Le Bras | Security Corporation wrote: > .: Proxomitron Naoko Long Path Buffer Overflow/DoS :. > ________________________________________________________________________ > > Security Corporation Security Advisory [SCSA-005] > ________________________________________________________________________
[snip] > Sending a parameter with a buffer of 1024 bytes in length or more, > causes Proxomitron Naoko to crash. > > This vulnerability can be easily exploited to execute code. > > Exploitation example : > > c:\Proxomitron>proxomitron AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA [snip A's] > AAAAAAAAAAAAAAAAAAAA Could you perhaps provide a real-world example where this might be used to gain additional privileges? I fail to see the useful bit in this vulnerability. -- Knud _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
