Re: Buffer overflow in Microsoft ftp.exe
From: D.C. van Moolenbroek (dc.van.moolenbroek_at_chello.nl)
Date: 04/30/03
- Next in thread: Frank Knobbe: "Re: Buffer overflow in Microsoft ftp.exe"
- Maybe reply: Frank Knobbe: "Re: Buffer overflow in Microsoft ftp.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <vuln-dev@securityfocus.com> Date: Wed, 30 Apr 2003 23:49:48 +0200
"aT4r InsaN3" wrote:
> if an attacker with axx to the system is able to modify the scriptfile he
> can modify the script and place an evil command Quote AAAAAA..SHELLCODE...
> and execute code with elevated privileges.
Yes, but since he can also use the ftp client's built-in "!" command to
execute shell commands in that case, this does not seem to be a very
realistic scenario?
Regards,
David
--
class sig{static void main(String[]s){for// D.C. van Moolenbroek
(int _=0;19>_;System.out.print((char)(52^// (CS student, VU, NL)
"Y`KbddaZ}`P#KJ#caBG".charAt(_++)-9)));}}// -Java sigs look bad-
- Next in thread: Frank Knobbe: "Re: Buffer overflow in Microsoft ftp.exe"
- Maybe reply: Frank Knobbe: "Re: Buffer overflow in Microsoft ftp.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
