ASP code testing
From: Dan Richardson (dan.richardson@paradise.net.nz)
Date: 11/18/01
- Previous message: M. Burnett: "Re: Terminal Services Holes"
- Next in thread: Bojo: "Re: ASP code testing"
- Reply: Bojo: "Re: ASP code testing"
- Reply: Kevin Spett: "Re: ASP code testing"
- Reply: rudi carell: "Re: ASP code testing"
- Reply: Omar Koudsi: "RE: ASP code testing"
From: "Dan Richardson" <dan.richardson@paradise.net.nz>
To: <pen-test@securityfocus.com>
Subject: ASP code testing
Date: Sun, 18 Nov 2001 12:00:06 +1300
Message-ID: <001501c16fbb$9a0fd1a0$0101a8c0@thievery>
I'm currently testing some ASP code on an e-commerce site. My question
is could this be used to execute a buffer overflow exploit?
The following URL:
http://www.asite.com/show/showsomething.asp?ID=5
Will retrieve a legitimate item from the database. By playing with the
number a bit-
http://www.asite.com/show/showsomething.asp?ID=32767
Will generate
ADODB.Field error '80020009'
Either BOF or EOF is True, or the current record has been deleted.
Requested operation requires a current record.
But if I bump that number up to 32768 (unsigned integer limit)-
Microsoft VBScript runtime error '800a0006'
Overflow: 'cint'
/show/showsomething.asp, line x
Thanks
Dan
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
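An added example, not part of the original post and not the site's code: a classic ASP page that validates the ID parameter before any numeric conversion, so out-of-range input gets a plain 400 instead of the VBScript 'Overflow' error page with its script path and line, and a missing record gets a 404 instead of the ADODB.Field error. The function name ParseItemId, the MAX_ITEM_ID bound, the Application("ConnString") setting and the Items table are assumptions made for the illustration.

```vbscript
<%@ Language="VBScript" %>
<%
Option Explicit
' Pattern consistent with the quoted errors (assumed; the page source is not shown):
'   id = CInt(Request.QueryString("ID"))   ' error 6 "Overflow" outside -32768..32767
Const MAX_ITEM_ID = 32767                  ' assumed upper bound for item IDs

' Returns the ID as a Long, or -1 when the input is not a plain decimal
' number between 1 and MAX_ITEM_ID. Never raises a runtime error.
Function ParseItemId(raw)
    Dim re, n
    ParseItemId = -1
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,5}$"            ' digits only, at most five of them
    If Not re.Test(raw) Then Exit Function
    n = CLng(raw)                          ' five digits always fit in a Long
    If n < 1 Or n > MAX_ITEM_ID Then Exit Function
    ParseItemId = n
End Function

Dim itemId, conn, cmd, rs
itemId = ParseItemId("" & Request.QueryString("ID"))
If itemId < 0 Then
    Response.Status = "400 Bad Request"
    Response.Write "Invalid item."
    Response.End
End If

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open Application("ConnString")        ' assumed: connection string kept here
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandText = "SELECT Name FROM Items WHERE ID = ?"   ' hypothetical table
cmd.Parameters.Append cmd.CreateParameter("id", 3, 1, , itemId)  ' adInteger, adParamInput
Set rs = cmd.Execute

If rs.EOF Then                             ' no row: answer cleanly, do not read fields
    Response.Status = "404 Not Found"
    Response.Write "No such item."
Else
    Response.Write Server.HTMLEncode("" & rs("Name"))
End If
rs.Close
conn.Close
%>
```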