From: insecure (insecure@yandex.ru)
Date: Sat Mar 25 2006 - 03:30:44 EST
>Hi
>
>I request your suggestions abt casestudies how to exploit
>vulnerabilities.Your suggestions may help many aspirents of security.
>
>Thanking you for sparing your time.
>
>Regards,
>GS
>
There is a good book "Buffer Overflow Attacks: Detect, Exploit, Prevent". There are:
Case Study: FreeBSD NN Exploit Code
Case Study: xlockmore User Supplied Format String Vulnerability (CVE-2000-0763)
Case Study: FrontPage Denial of Service Utilizing WinSock
Stack Overflows
Heap Corruption
Format String Attacks
Windows Buffer Overflows
Case Study: cURL buffer overflow on Linux
Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability (CAN-2002-0656)
Case Study: X11R6 4.2 XLOCALEDIR Overflow
Case Study: Microsoft MDAC Denial of Service
Case Study: Local UUX Buffer Overflow on HPUX
Finding Buffer Overflows in Source
Case Study: InlineEgg I
Case Study: InlineEgg II
Case Study: Seti@Home Exploit Code
Case Study: Microsoft CodeBlue Exploit Code
Also, look here
http://esj.com/Case_Study/default.aspx
-- Roman Shirokov Systems Administrator 85A4 8586 FEEE 171B D0F1 A9C1 27C8 A907 EE45 7D0E http://securitybox.org.ru e-mail: securitybox@softhome.net Making the roads safe... ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com ------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:44 EDT