Hosting Provided By

cipher.exe overflow

From: moran zavdi <moraniam(at)hotmail.com>
Date: Mon Apr 21 2003 - 09:59:42 EDT

Hi,

there is a problem with cipher.exe.
overflow occurs when you add string of more than 256 chars. example:
c:\> cipher.exe <A * 257>

program will crash.

anyway Microsoft response was:
"Thank you for your feedback. We are definitely commited to fixing this issue in Cipher.exe.
We've had several people look into this issue, and the biggest impact we've found that it has is a crash of the file which results in a local denial of service in the file itself."

Regards,

Moran Zavdi
DataSEC
http://www.data-sec.com

The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail Received on Tue Apr 22 13:42:19 2003

This message: [ Message body ]
Next message: Blue Boar: "Re: Jump back to shellcode Windows overflow"
Previous message: chaboyd77(at)yahoo.com: "Jump back to shellcode Windows overflow"
Next in thread: K. K. Mookhey: "Re: cipher.exe overflow"
Reply: K. K. Mookhey: "Re: cipher.exe overflow"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:38 EDT