RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability

From: Florian Hines (panth3r@swbell.net)
Date: 03/19/03

    Date: Wed, 19 Mar 2003 12:11:18 -0600
    From: Florian Hines <panth3r@swbell.net>
    To: "'Aleksander P. Czarnowski'" <alekc@avet.com.pl>
    
    

    According to the SANS conference yesterday the exploit uses a
    GET command rather than LOCK. Also "The snort-signatures that
    are out now are extremely unreliable at this point" but that
    could have changed since yesterday I suppose.

    Florian

    > -----Original Message-----
    > From: Aleksander P. Czarnowski [mailto:alekc@avet.com.pl]
    > Sent: Wednesday, March 19, 2003 8:08 AM
    > To: Nicolas Gregoire; garyo@sec-1.com
    > Cc: pen-test@securityfocus.com
    > Subject: RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability
    >
    > > You could give a look to the related Nessus plugin :
    > > http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/iis_webdav_overflow.nasl
    >
    > First of all - just from quick testing - it seems that the nessus
    > plugin doesn't work correctly, at least the one from 18th of March.
    > Secondly you can use a bit of a brutal method of using LOCK or any
    > other WebDAV method with buffer >64kb - it was already
    > discussed on ntbugtraq and snort-sigs I believe. But this is
    > still far from a working exploit that gives you reverse shell...
    > Best Regards
    > Aleksander Czarnowski
    > AVET INS
    >

    ----------------------------------------------------------------------------
    Did you know that you have VNC running on your network?
    Your hacker does. Plug your security holes now!
    Download a free 15-day trial of VAM:
    http://www2.stillsecure.com/download/sf_vuln_list.html
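
The detection point raised in this thread, as an added defender-side example that is not part of the original post or of any Snort rule: a signature keyed on the LOCK method misses the same overlong request sent with GET, while a method-agnostic check on request-target length catches both. The 64 KiB threshold is assumed from the ">64kb" remark above, and the sample requests are constructed here.

```python
"""Method-agnostic check for overlong WebDAV/HTTP request targets."""
import re
from typing import Dict, Optional

# Threshold assumed from the thread's ">64kb" remark, not an official figure.
MAX_TARGET_LEN = 64 * 1024

# Request line: METHOD SP request-target SP HTTP-version CRLF
REQUEST_LINE = re.compile(rb"^([A-Z]+) (\S+) (HTTP/\d\.\d)\r?\n")


def check_request(raw: bytes) -> Optional[dict]:
    """Return an alert dict if the request target is overlong, else None.

    Every method is inspected, so a GET-based request is flagged exactly
    like a LOCK-based one; an unparseable request line is also reported.
    """
    m = REQUEST_LINE.match(raw)
    if not m:
        return {"reason": "unparseable request line", "method": None,
                "target_len": len(raw)}
    method, target, _version = m.groups()
    if len(target) > MAX_TARGET_LEN:
        return {"reason": "overlong request target",
                "method": method.decode("ascii"), "target_len": len(target)}
    return None


def lock_only_signature(raw: bytes) -> bool:
    """Constructed contrast: a narrow rule that only looks at LOCK requests."""
    m = REQUEST_LINE.match(raw)
    return bool(m) and m.group(1) == b"LOCK" and len(m.group(2)) > MAX_TARGET_LEN


# Constructed sample traffic: two benign requests and three overlong targets.
SAMPLES: Dict[str, bytes] = {
    "normal_get": b"GET /index.html HTTP/1.1\r\nHost: iis.example\r\n\r\n",
    "normal_lock": b"LOCK /docs/a.txt HTTP/1.1\r\nHost: iis.example\r\n\r\n",
    "long_lock": b"LOCK /" + b"A" * 70000 + b" HTTP/1.1\r\nHost: iis.example\r\n\r\n",
    "long_get": b"GET /" + b"A" * 70000 + b" HTTP/1.1\r\nHost: iis.example\r\n\r\n",
    "long_search": b"SEARCH /" + b"A" * 70000 + b" HTTP/1.1\r\n\r\n",
}


def scan(samples: Dict[str, bytes]) -> Dict[str, Optional[dict]]:
    """Run the method-agnostic check over every sample."""
    return {name: check_request(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, "lock-only:", lock_only_signature(raw), "generic:", check_request(raw))
```

Running the block shows the LOCK-only rule firing on `long_lock` but staying silent on `long_get` and `long_search`, while `check_request` reports all three.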

