[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CGI Buffer Overflow?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Brian" == Brian Rectanus <brectanu@vt.edu> writes:

Brian> Anyone seen this before?  I have looked around for similar
Brian> attacks, but cannot find any info.  I assume that is a unicode
Brian> string padded out with Ns.  How would I go about finding out what
Brian> is in the string?

It's an IIS attack.  Slashdot has the story, and some discussions.

http://slashdot.org/article.pl?sid=01/07/19/2230246&mode=thread&threshold=1

- -- 
Hubert Chan <hackerhue@geek.com> - http://www.geocities.com/hubertchan/
PGP/GnuPG key: 1024D/651854DF71FDA37F
Fingerprint: 6CC5 822D 2E55 494C 81DD  6F2C 6518 54DF 71FD A37F
Key available at wwwkeys.pgp.net.   Please encrypt *all* e-mail to me.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7V2awZRhU33H9o38RAmalAKChiU9+jEJA+x/vzpdJYu8NkY5YXACgtFFC
DaqIZlfhm0QCmLYgbAzPnxo=
=gIeS
-----END PGP SIGNATURE-----
Reply to: