Full Disclosure: RE: [ Positive Technologies ] Defeating Microsoft Windows XP SP2 Heap protection

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

RE: [ Positive Technologies ] Defeating Microsoft Windows XP SP2 Heap protection

From: "pigrelax" <pigrelax () yandex ru>
Date: Sat, 29 Jan 2005 10:38:23 +0300

 cool. Tested on AMD64 with DEP enabled.

-----Original Message-----
From: full-disclosure-bounces () lists netsys com
[mailto:full-disclosure-bounces () lists netsys com] On Behalf Of
aanisimov () ptsecurity ru
Sent: Friday, January 28, 2005 5:41 PM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] [ Positive Technologies ] Defeating
MicrosoftWindows XP SP2 Heap protection

It was discovered by MaxPatrol team that it is possible to defeat MicrosoftR
WindowsR XP SP2 Heap protection and Data Execution Prevention mechanism.

As a result it is possible to implement:
- Arbitrary memory region write access (smaller or equal to 1016 bytes);
- Arbitrary code execution;
- DEP bypass.

Details are described in the article:

http://www.maxpatrol.com/ptmshorp.asp

--
Best regards,
 aanisimov                          mailto:aanisimov () ptsecurity ru

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

[ Positive Technologies ] Defeating Microsoft Windows XP SP2 Heap protection aanisimov (Jan 28)
- RE: [ Positive Technologies ] Defeating Microsoft Windows XP SP2 Heap protection pigrelax (Jan 28)