Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC
From: Alberto Garcia Hierro (tcpdevil_at_linuxlover.org)
Date: 12/31/04
- Previous message: steven_at_lovebug.org: "ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks"
- In reply to: houseofdabus HOD: "[EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC"
- Next in thread: Steve Friedl: "Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC"
- Reply: Steve Friedl: "Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: bugtraq@securityfocus.com Date: Fri, 31 Dec 2004 19:09:02 +0100
El Viernes, 31 de Diciembre de 2004 00:39, houseofdabus HOD escribió:
> ---snip---
> /* HOD-ms04031-netdde-expl.c: 2004-12-30: PUBLIC v.0.2
> *
> * Copyright (c) 2004 houseofdabus.
> *
> * (MS04-031) NetDDE buffer overflow vulnerability PoC
I needed to add a few lines to build it on Linux. Here is the diff:
@@ -11,6 +11,9 @@
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
+#include <netdb.h>
+#define Sleep(x) sleep(x)
+#define closesocket(x) close(x)
#endif
Regards,
Alberto
-- /* Alberto García Hierro (Skyhusker) */
- application/pgp-signature attachment: stored
- Previous message: steven_at_lovebug.org: "ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks"
- In reply to: houseofdabus HOD: "[EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC"
- Next in thread: Steve Friedl: "Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC"
- Reply: Steve Friedl: "Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
