[24348] in bugtraq
Avirt 4.2 question
daemon@ATHENA.MIT.EDU (nicolas brulez)
Wed Feb 20 21:03:40 2002
Message-ID: <3C73DBD7.9000503@cartel-securite.fr>
Date: Wed, 20 Feb 2002 18:24:39 +0100
From: nicolas brulez <brulez@cartel-securite.fr>
Reply-To: brulez@cartel-securite.fr
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Hello,
I have seen 2 advisories for avirt 4.2 gateway.
Did they patch it without modifying the version ?
I tried the proof of concept exploit and it did nothing but close the
server.
I wanted to trigger the buffer overflow on the web server too, in order
to write a proof of concept exploit
but my attempts did nothhing but close the server again.. (something
like 4000 chars)
I never managed to overwrite my EIP.(or doesn't it crash when you do it ? )
I was wondering if they patched it in a dodgy way ?
Sorry if it is not the good place for such a post ;-)
Best Regards,
Nicolas Brulez
Cartel-Securite.
