[38036] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC

daemon@ATHENA.MIT.EDU (Steve Friedl)
Fri Dec 31 14:20:21 2004

Date: Fri, 31 Dec 2004 10:52:27 -0800
From: Steve Friedl <steve@unixwiz.net>
To: Alberto Garcia Hierro <tcpdevil@linuxlover.org>
Cc: bugtraq@securityfocus.com
Message-ID: <20041231185227.GA29457@linux.unixwiz.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200412311909.11288.tcpdevil@linuxlover.org>

On Fri, Dec 31, 2004 at 07:09:02PM +0100, Alberto Garcia Hierro wrote:
> +#define Sleep(x) sleep(x)

This isn't the same thing: under Win32, Sleep is in *milliseconds*, while on
UNIX it's *seconds* - that's going to take a long, long time if you run this.

#ifdef unix
#  ...
#  define Sleep(x)	sleep(((x)+500)/1000)
#  ...
#endif

-- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve@unixwiz.net


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[38036] in bugtraq

Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC

daemon@ATHENA.MIT.EDU (Steve Friedl)Fri Dec 31 14:20:21 2004

daemon@ATHENA.MIT.EDU (Steve Friedl)
Fri Dec 31 14:20:21 2004