Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC

To: Alberto Garcia Hierro <tcpdevil@xxxxxxxxxxxxxx>
Subject: Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC
From: Steve Friedl <steve@xxxxxxxxxxx>
Date: Fri, 31 Dec 2004 10:52:27 -0800
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <200412311909.11288.tcpdevil@xxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20041230233921.2776.qmail@xxxxxxxxxxxxxxxxxxxxx> <200412311909.11288.tcpdevil@xxxxxxxxxxxxxx>
User-agent: Mutt/1.4i

On Fri, Dec 31, 2004 at 07:09:02PM +0100, Alberto Garcia Hierro wrote:
> +#define Sleep(x) sleep(x)

This isn't the same thing: under Win32, Sleep is in *milliseconds*, while on
UNIX it's *seconds* - that's going to take a long, long time if you run this.

#ifdef unix
#  ...
#  define Sleep(x)      sleep(((x)+500)/1000)
#  ...
#endif

-- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve@xxxxxxxxxxx

References:
- [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC
  - From: houseofdabus HOD
- Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC
  - From: Alberto Garcia Hierro

Prev by Date: WHM AutoPilot Security Release [ Plus Upgrade Instructions ]
Next by Date: Jacks FormMail.php remote file access vulnerability
Previous by thread: Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC
Next by thread: ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks
Index(es):
- Date
- Thread