Windows ANI File Parsing Proof Of Concept (MS05-002)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Windows ANI File Parsing Proof Of Concept (MS05-002)
From: <assaf404@xxxxxxxxx>
Date: 12 Jan 2005 21:42:10 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


Hi all!
I have created a proof of concept for the Windows ANI File Parsing 
vulnerability which got published by eEye yesterday (MS05-002).

Details about the proof of concept + demo can be found here :
http://underwar.livedns.co.il/projects/ani/

Very detailed process of creating the proof of concept :
http://underwar.livedns.co.il/projects/ani/ani_poc.txt

Assaf Reshef.

Prev by Date: Is DEP easily evadable?
Next by Date: [waraxe-2005-SA#039] - Critical Sql Injection in Sgallery module for PhpNuke
Previous by thread: Re: Is DEP easily evadable?
Next by thread: [waraxe-2005-SA#039] - Critical Sql Injection in Sgallery module for PhpNuke
Index(es):
- Date
- Thread