Vulnerability Development mailing list archives

Re: buffer overflows encapsulation


From: gregory duchemin <c3rb3r () HOTMAIL COM>
Date: Wed, 24 Jan 2001 06:33:13 -0000

It's not so obvious that a remote exploitation of a low-privileged overflow
necessarily leads to a remote shell control that would permit
to "manually" (by the console) exploit a root overflow.
For instance, I thought about something like the last IIS ASP overflow bug
and more generally, if the target is behind a firewall with a good security
policy that would deny any outgoing connection from a DMZ and so any
connection remotely initiated by the attacker while denying everything else but
corporation service in incoming, it would be necessary to primarily gain root
with a two-pass exploit before binding something else in place of its
reachable ports.
Then the attacker may be able to get a remote shell through the firewall.
Did you see any exploit or survey about this topic?
cheers,

Gregory Duchemin




