>Someone sent this to us, wondering if there could be further exploitation
>of this buffer overflow. Since I am not an overflow guru, I decided to
>forward it to vuln-dev. Program error was caused after an extremely long
>string of [any character]. Also, the program doesn't do any checking to
>see if you are entering an IP address [valid or not] or domain name. We
>will let you buffer overflow gurus draw up conclusions about this, but in
>my opinion, it isn't a significant vulnerability. Neotrace [2.12a] was
>running on Windows 98SE when this occurred [the the best of my
>knowledge].
>NEOTRACE caused an invalid page fault in
>module <unknown> at 0000:41092626.
>Registers:
>EAX=00000000 CS=0167 EIP=41092626 EFLGS=00010206
>EBX=00000000 SS=016f ESP=0071f410 EBP=00ae96e0
>ECX=cfb1caf0 DS=016f ESI=00431c8c FS=13b7
>EDX=00000000 ES=016f EDI=00ae8b50 GS=0000
>Bytes at CS:EIP:
------------------------------------
On Windows 2000 Pro / Neotrace 2.10:
After about 3 minutes with a penny jammed between random keys to make long
strings, I get the following:
The instruction at "0x41097979" referenced memory at "0x41097979". The
memory could not be read.
No other useful info though...just confirms it happened on 2.10 as well.
I don't think it's significant either, but I figure the info might be
useful to someone.
---------------------
Jonathan Rickman
X-Corps Security
http://www.xcorps.net
Received on Sep 02 2000
Intro
