Re: Casestudy abt how to exploit vulnerabilities

From: insecure (insecure@yandex.ru)
Date: Sat Mar 25 2006 - 03:30:44 EST

• Next message: Grizzly: "Re: Man in the middle attack help"
• Previous message: leehaynes@carleeprotection.com: "Pen testing and empyment"
• In reply to: G Sambasiva Rao: "Casestudy abt how to exploit vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

>Hi
>
>I request your suggestions abt casestudies how to exploit
>vulnerabilities.Your suggestions may help many aspirents of security.
>
>Thanking you for sparing your time.
>
>Regards,
>GS
>

There is a good book "Buffer Overflow Attacks: Detect, Exploit, Prevent". There are:

Case Study: FreeBSD NN Exploit Code

Case Study: xlockmore User Supplied Format String Vulnerability (CVE-2000-0763)

Case Study: FrontPage Denial of Service Utilizing WinSock

Stack Overflows

Heap Corruption

Format String Attacks

Windows Buffer Overflows

Case Study: cURL buffer overflow on Linux

Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability (CAN-2002-0656)

Case Study: X11R6 4.2 XLOCALEDIR Overflow

Case Study: Microsoft MDAC Denial of Service

Case Study: Local UUX Buffer Overflow on HPUX

Finding Buffer Overflows in Source

Case Study: InlineEgg I

Case Study: InlineEgg II

Case Study: Seti@Home Exploit Code

Case Study: Microsoft CodeBlue Exploit Code

Also, look here
http://esj.com/Case_Study/default.aspx

-- 
Roman Shirokov
Systems Administrator
85A4 8586 FEEE 171B D0F1  A9C1 27C8 A907 EE45 7D0E
http://securitybox.org.ru
e-mail: securitybox@softhome.net
Making the roads safe...
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------

• Next message: Grizzly: "Re: Man in the middle attack help"
• Previous message: leehaynes@carleeprotection.com: "Pen testing and empyment"
• In reply to: G Sambasiva Rao: "Casestudy abt how to exploit vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:44 EDT