Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft FTP Client Multiple Bufferoverflow Vulnerability

From: Tonnerre Lombard <tonnerre.lombard () sygroup ch>
Date: Wed, 28 Nov 2007 15:49:34 +0100
Salut,

On Wed, 28 Nov 2007 13:16:34 +0100 "KJK::Hyperion" <hackbunny () s0ftpj org> wrote:

Tonnerre Lombard ha scritto:

Microsoft FTP Client Multiple Bufferoverflow
Vulnerability

Isn't the FTP client compiled with stack overflow protection?

If so, how is that supposed to help?


By terminating the program before the payload is executed


May I suggest that this protection is not perfect? I was hoping that
people on this mailing list consider this to be an established fact.

                                Tonnerre
-- 
SyGroup GmbH
Tonnerre Lombard

Solutions Systematiques
Tel:+41 61 333 80 33            Güterstrasse 86
Fax:+41 61 383 14 67            4053 Basel
Web:www.sygroup.ch              tonnerre.lombard () sygroup ch

Attachment: signature.asc
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: