Blind buffer overflows in ISAPI extensions

Thursday, 27 January 2005, 2:03 PM EST

In this paper we will use different ISAPI extension on a Microsoft Windows 2000, Internet Information Server (IIS) 5.0 web server. A number of different ISAPI extensions were created, each with a different type of stack-based overflow vulnerability to act as demonstrative proprietary applications as seen in the wild. The following examples are overflows using strcpy(), sprintf(), and strcat(). A second set of extensions had also been built with the Microsoft Visual Studio .NET stack protection enabled (/GS option). The author will demonstrate how to bypass these protection mechanisms and execute arbitrary code completely blind.

By Isaac Dawson at SecurityFocus.

[ Read more ]




Spotlight

How GitHub is redefining software development

Posted on 26 January 2015.  |  The security industry is slowly realizing what the developer community knew for years - collaboration is the key to and likely the future of innovation.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Jan 28th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //