Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re[2]: Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow

From: dullien () gmx de
Date: Fri, 12 Apr 2002 10:25:43 -0700
Hey all,

M> I have not been able to reproduce these results.  I have managed to lock
M> up IIS (IIS 5.0 with all patches pre Apr 1, 2002), but no popup messages
M> appear and no entries in the Application Log.  I have also been able get
M> the 100 Continue message (IIS 4.0 all patches pre Apr 1, 2002), but
M> still no popup or messages.

rule of thumb : It locks up <==> Heap is corrupted <==> vulnerable

Cheers,
dullien () gmx de

-- 
Mit freundlichen GrĂ¼ssen
dullien () gmx de                            mailto:dullien () gmx de
Previous By Date Next
Previous By Thread Next

Current thread: