Penetration Testing mailing list archives
[Sec-1 Ltd] Buffer Truncation Abuse in Microsoft SQL Server Based Applications
From: "Gary Oleary-Steele" <garyo () sec-1 com>
Date: Tue, 3 Jul 2007 14:15:47 +0100
Buffer Truncation Abuse in Microsoft SQL Server Based Applications Release Date: 3rd July 2007 Author: Gary O'Leary-Steele Web Site: www.sec-1.com This paper is designed to document an attack technique Sec-1 recently adopted during the course of their application assessments. The basic principal of this technique has existed for some time; however we hope this paper we will provide an insight of how a variation of the technique can be adopted to attack common "forgotten password" functionality within web applications. Our initial intention was to release this paper along with a case study demonstrating the flaw within a commercial application. However since the vendor has yet to fix the flaw it was decided that an initial censored release will be followed up with the complete release further down the line. The paper can be downloaded here: http://www.sec-1labs.co.uk/papers/BTA_CensoredRelease.pdf Sec-1 specialises in the provision of network security solutions. For more information on products and services we offer visit www.sec-1.com or call 0113 257 8955. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------
Current thread:
- [Sec-1 Ltd] Buffer Truncation Abuse in Microsoft SQL Server Based Applications Gary Oleary-Steele (Jul 03)