Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Windows 2000 .printer remote overflow proof of concept exploit....
From: Joshua Dodds <jdodds () bevelander nl>
Date: Fri, 11 May 2001 11:04:31 +0200

It's out there. I've seen logs indicating the attacker put a "root.exe" file
on the IIS5 host and then were able to issue a command to run this file via
the overflow. I don't have any more specific information on the contents of
the root.exe file or the exact script used, etc. at this time.

root.exe is just cmd.exe copied to root.exe!  doh!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]