I believe I have contributed greatly to the security community with my post here. Not only have I denied another 0x41414141 hacker but I have also made Valdis have to backtrack on his (as usual) stupid post. I believe Valdis and Billy O Reilly have a lot in common. ("I was wrong. I am not pleased about it at all and I think all Americans should be concerned about this…What do you want me to do, go over and kiss the camera?").
On Dec 27, 2007 9:05 AM, Elazar Broad <[EMAIL PROTECTED]> wrote:
> After some more analysis by Carsten Eiram @ Secunia, this is NOT
> exploitable. I would like to apologize for the hasty post. SecurityFocus,
> please update bid 27026 to reflect the fact that at most, this can just
> crash the browser.
>
> Elazar
>
> -----Original Message-----
> >From: [EMAIL PROTECTED]
> >Sent: Dec 26, 2007 1:28 AM
> >To: reepex <[EMAIL PROTECTED]>
> >Cc: Elazar Broad <[EMAIL PROTECTED]>, full-disclosure@lists.grok.org.uk
> >Subject: Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows
> >
> >On Tue, 25 Dec 2007 21:53:29 CST, reepex said:
> >
> >> How does a bunch of 'A's prove something is exploitable?
> >
> >If a bunch of A's causes the EIP to end up as x'41414141', it's 95% of the
> >way to being an exploit. If it gets you some *other* crash, it's probably
> >at least 30% to 40% of the way to an exploit.
> >
> >Go back and read the analysis of the NTP buffer overflow from a number of years
> >back. Truly a classic - they managed to leverage a *one byte* overflow into
> >a complete and total rooting of the box.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/