Security Incidents mailing list archives
Re: FW: Footprints of ASP ISAPI filter buffer overflows
From: dullien () gmx de
Date: Fri, 12 Apr 2002 10:21:18 -0700
Hey all,
Has anybody a copy of some log files that contain such for general review by the community? A customer was vulnerable to this attack and I would like to find out if he was compromised.
I don't have logs, sorry, but to be honest the probability of him being compromised by this are rather low -- there's no reliable exploit for these bugs yet, and at least the eeye-bug is a bit dodgy to exploit reliably without knowing the remote SP-number or accurately guessing the thread number. What is going to be an interesting combination on vulnerable systems i the combination of the ASP bugs with ElicZ's DebPloit bug -- that looks good enough to fashion the ASP bugs into remote SYSTEM compromises. Cheers, dullien () gmx de ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- FW: Footprints of ASP ISAPI filter buffer overflows Jonathon . Kalaugher (Apr 12)
- Re: FW: Footprints of ASP ISAPI filter buffer overflows dullien (Apr 12)