Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Windows 2000 .printer remote overflow proof of concept exploit....
From: Joshua Dodds <jdodds () bevelander nl>
Date: Fri, 11 May 2001 11:04:31 +0200



It's out there. I've seen logs indicating the attacker put a "root.exe" file
on the IIS5 host and then were able to issue a command to run this file via
the overflow. I don't have any more specific information on the contents of
the root.exe file or the exact script used, etc. at this time.

root.exe is just cmd.exe copied to root.exe!  doh!

-jd


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]