"You had me at Hello"

Printable View

August 8th, 2002, 02:23 AM
smartin77

"You had me at Hello"

No, this is not a pickup line, nor is it a line from Jerry McGuire. It's about a buffer overflow in MS SQL. I have read a little about it at: http://online.securityfocus.com/arch...4/2002-08-10/2
but I do not recognize the script as a language I know (c/c++). I am currently trying to learn about buffer overflows and how they work, however, I have not yet been able to perform an actual overflow. I have a win2k system with SQL on it and a red hat system which is my learning platform.

Ideally, I would like to try this out on my little network. Any ideas where I can get more information on this? and how I might be able to replicate these on my systems?

Thanks
-Scott
August 10th, 2002, 02:50 AM
thesecretfire

With the title "You had me at HELO", you could have made a great little pun about open mail relays, but this thread's title is simply quite ambiguous.
August 10th, 2002, 03:40 AM
Tedob1

looks like a nessus script. You can download nessus trialware and add the script as a plugin

I went back and re-read it. up on the top of the page:

It even has the correct ID number and will soon be available from the Nessus
homepage as well,