Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability
From: Tonnerre Lombard <tonnerre.lombard () sygroup ch>
Date: Wed, 28 Nov 2007 15:49:34 +0100

Salut,

On Wed, 28 Nov 2007 13:16:34 +0100 "KJK::Hyperion" <hackbunny () s0ftpj org> wrote:
Tonnerre Lombard ha scritto:
Microsoft FTP Client Multiple Bufferoverflow
Vulnerability
Isn't the FTP client compiled with stack overflow protection?
If so, how is that supposed to help?

By terminating the program before the payload is executed

May I suggest that this protection is not perfect? I was hoping that
people on this mailing list consider this to be an established fact.

                                Tonnerre
-- 
SyGroup GmbH
Tonnerre Lombard

Solutions Systematiques
Tel:+41 61 333 80 33            G├╝terstrasse 86
Fax:+41 61 383 14 67            4053 Basel
Web:www.sygroup.ch              tonnerre.lombard () sygroup ch

Attachment: signature.asc
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]