[Full-disclosure] "WinProxy 6.0 R1c" Remote Stack/SEH Overflow Exploit
- From: "FistFucker" <FistFuXXer@xxxxxx>
- Date: Sat, 7 Jan 2006 19:19:33 +0100
The PoC exploit for this issue is attached to this e-mail. It has been
successfully tested under Microsoft Windows XP Professional (german, SP2).
Remote attackers can bypass the SEH frames protection of the operating
system by calling a POP/POP/RET sequence in the dynamic link libraries of
the Panda Antivirus scanning engine.
-FistFucker (aka FistFuXXer)
Attachment:CAN-2005-4085_exploit.pl
Description: Binary data
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: [Full-disclosure] "WinProxy 6.0 R1c" Remote DoS Exploit
- Next by Date: Re: [Full-disclosure] Open Letter on the Interpretation of "Vulnerability Statistics"
- Previous by thread: [Full-disclosure] "WinProxy 6.0 R1c" Remote DoS Exploit
- Next by thread: [Full-disclosure] MDKSA-2006:009 - Updated apache2-mod_auth_pgsql packages fix several vulnerabilities
- Index(es):
