Re: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow.

["KF (lists)" <kf_lists@xxxxxxxxxxxxx>]

I would say they lied myself... I have all patches from Windows update 
installed including all the optional ones... still crashes for me and 
still tears up the EIP and EBP. My IE advertises itself as: 
6.0.2800.1106 SP1; Q837009;Q8832894:Q831167 , The OS is Win2k Server 
5.00.2195 SP4.

Thus far I have been unable to locate a good unicode return address... 
but thats not to say there is not one there. =] . For those of you 
wondering smb.conf DOES allow for characters like \x90 and other things 
of that nature.

enjoy.

-KF


Paul Szabo wrote:

> Anyway, http://support.microsoft.com/?kbid=322857 lies when it says this is
> fixed in W2kSP4; or maybe that KB article refers to a different problem: it
> say the error should be "Access Violation", I got "Program Error".
>
> Cheers,
>
> Paul Szabo - psz@xxxxxxxxxxxxxxxxx  http://www.maths.usyd.edu.au:8000/u/psz/
> School of Mathematics and Statistics  University of Sydney   2006  Australia
>
>  

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html