Blind buffer overflows in ISAPI extensions

Thursday, 27 January 2005, 2:03 PM EST

In this paper we will use different ISAPI extension on a Microsoft Windows 2000, Internet Information Server (IIS) 5.0 web server. A number of different ISAPI extensions were created, each with a different type of stack-based overflow vulnerability to act as demonstrative proprietary applications as seen in the wild. The following examples are overflows using strcpy(), sprintf(), and strcat(). A second set of extensions had also been built with the Microsoft Visual Studio .NET stack protection enabled (/GS option). The author will demonstrate how to bypass these protection mechanisms and execute arbitrary code completely blind.

By Isaac Dawson at SecurityFocus.

[ Read more ]




Spotlight

5 ways to stop the Internet of Things from becoming the Internet of Thieves

Attacks on the IoT can sound like the stuff of a movie thriller, but they are very real. The highly skilled and organized cybercriminals of today have the potential to tamper with a car’s firmware to kill its brakes.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Tue, Jun 30th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //