Microsoft FrontPage Server Extensions SmartHTML Buffer Overflow Vulnerability

From: Gary O'leary-Steele (garyo@sec-1.com)
Date: 09/27/02


From: "Gary O'leary-Steele" <garyo@sec-1.com>
To: <vuln-dev@securityfocus.com>
Date: Fri, 27 Sep 2002 14:47:23 +0100

Hello all,

I am looking for details on the recent "Microsoft FrontPage Server
Extensions SmartHTML Buffer Overflow Vulnerability". The advisory is a bit
vague and I can't work out the format of the request required to reproduce
the overflow.

I’ve tried the usual

http://target/null.shtml?AAAA>AAAA=x

http://target/AAAA>AAAA.shtml

etc., but to no avail.

I need this to update our IDS system and to write exploit code for the
vulnerability (which I will share).

Any help is greatly appreciated.

Kind Regards
Gary


