Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability

From: Gary O'leary-Steele (garyo@sec-1.com)
Date: 03/18/03

  • Next message: Oliver.Karow@gmx.de: "IMAP password cracker?"
    From: "Gary O'leary-Steele" <garyo@sec-1.com>
    To: <pen-test@securityfocus.com>
    Date: Tue, 18 Mar 2003 10:05:30 -0000
    
    

    Hi all,

    I am planning to write exploit code for the Microsoft Windows 2000 WebDAV
    Buffer Overflow Vulnerability. However I don't have enough information about
    the vulnerability, e.g. which webdav component is vulnerable, how it is
    exploited i.e. where does the large string need to be to cause the overrun.
    I don't know webdav but if i get enough information about the request i need
    to send to the web server to cause a crash I will write some exploit code
    (in perl) and share with the community.

    Any help is greatly appreciated.

    Thanks in advance.

    Regards,
    Gary O'leary-Steele
    Sec-1 Ltd

    ----------------------------------------------------------------------------
    Did you know that you have VNC running on your network?
    Your hacker does. Plug your security holes now!
    Download a free 15-day trial of VAM:
    http://www2.stillsecure.com/download/sf_vuln_list.html


  • Next message: Oliver.Karow@gmx.de: "IMAP password cracker?"