>These paragraphs do more to convince me that the exploit is >possible than all the rest of the flame war put together. Thanks, >both of you.
does anybody need a refresher on heap overflows? :) http://vg.rstack.org/download/l01/bof.pdf (2002 btw) chapter 3 and 3.6 in particular. and of course there is Greg Hoglunds blackhat 2000 paper, but it does not deal much with heap overwrites, just function pointers. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
