<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: Remote service shutdown in mailenable (newest) Follow up

Re: Remote service shutdown in mailenable (newest) Follow up

From: Knud Erik Højgaard <knud_at_skodliv.dk>
Date: Tue, 19 Nov 2002 18:37:20 +0100

Alexandru Balan wrote:
> Ok, i don't get it. This is supposed to prove what exactly ? That you
> can sniff out plain text passwords sent to the pop3 server ? i didn't
> see any crash there.. so... i don't get it ? what was your point
> there ?

I took a quick look at it, the pop3 service running as localsystem sure does
crash, not that many A's needed though, and i suck at win32 bufferoverflows.

I must agree a memorydump would be more useful than a packetdump.

--
Knud

Received on Nov 20 2002

This message: [ Message body ]
Next message: Andre Breiler: "Re: shell script cgi (summary?)"
Previous message: Brian Hatch: "Re: shell script cgi (summary?)"
In reply to: Alexandru Balan: "Re: Remote service shutdown in mailenable (newest) Follow up"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos