Bugtraq mailing list archives
Re: a few bugs ...
From: Coke () TIG COM AU (Coke)
Date: Tue, 21 Mar 2000 12:48:32 +1100
Michal Zalewski wrote:
On Mon, 13 Mar 2000, Maurycy Prodeus wrote:1. In "Lotus Notes POP 1.0X" on NT platform. I'm not really sure ... if you send a very long username ( about 2kb ) it disconnects without any message. So it looks like classic buffer overflow :) I don't have enough time to check it ( to download this packet :) )Have you noticed GPF popup or BSOD on this Windows box? Anyone may confirm this?
Just a little note: alot of windows server programs i've come accross use their own error handlers, and mostly just silently re-init and keep going when an overflow occurs, eg: warftpd 1.65, so just waiting for a gpf popup or BSOD would miss quite a few.
Current thread:
- Re: RealPlayer and Comet Cursor, (continued)
- Re: RealPlayer and Comet Cursor pedward () WEBCOM COM (Mar 09)
- The Comet Cursor Sarah MacArthur (Mar 09)
- Network File Resource Vulnerability Eric Hacker (Mar 09)
- Re: Network File Resource Vulnerability David LeBlanc (Mar 11)
- misc. cross site scripting issues Marc Slemko (Mar 12)
- a few bugs ... Maurycy Prodeus (Mar 13)
- Re: a few bugs ... Thomas Roessler (Mar 15)
- Re: a few bugs ... Michal Zalewski (Mar 17)
- Patch: ip_masq_ftp / Linux 2.2.x (extended FTP ALG vulnerabilty) Bjarni R. Einarsson (Mar 20)
- Microsoft Security Bulletin (MS00-018 Microsoft Product Security (Mar 20)
- Re: a few bugs ... Coke (Mar 20)
- Re: a few bugs ... Daniel Jacobowitz (Mar 20)
- Re: a few bugs ... Michal Zalewski (Mar 20)
- DoS with NAVIEG PAUL VanDyke (Mar 17)
- [ANNOUNCE] strace for NT tsabin () RAZOR BINDVIEW COM (Mar 13)
- Linux patch for blocking buffer overflow based attacks massimo () IAC RM CNR IT (Mar 10)
- ICQ remote DoS Philip Stoev (Mar 10)
- Re: Enumerate Root Web Server Directory Vulnerability for IIS 4.0 Chris Paget (Mar 17)