RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability

It is actually ntdll.dll used by webdav in W2K that is the problem.

Curt Purdy CISSP, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke

-----Original Message-----
From: Nicolas Gregoire [mailto:ngregoire@exaprobe.com] Sent: Tuesday, March 18, 2003 2:26 PM
To: Gary O'leary-Steele
Cc: pen-test@securityfocus.com
Subject: Re: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability

> I am planning to write exploit code for the Microsoft Windows 2000 WebDAV
about
> the vulnerability, e.g. which webdav component is vulnerable, how it is
overrun.
> I don't know webdav but if i get enough information about the request i
need
> to send to the web server to cause a crash I will write some exploit code
> (in perl) and share with the community.

You could give a look to the related Nessus plugin : http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/i is_webdav_overflow.nasl

Regards,

--
Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
ngregoire(at)exaprobe.com ------[ ExaProbe ]------ 
http://www.exaprobe.com/
PGP KeyID:CA61B44F  FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F


----------------------------------------------------------------------------
Did you know that you have VNC running on your network? 
Your hacker does. Plug your security holes now! 
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html