Waiting for the Worms

Waiting for the Worms
Tim Mullen, 2003-07-21

The hole's been announced, the patch has been released. Now there's nothing to do but wait for the worm to come and wreak its ugly havoc.

Waiting for the Worms 2003-07-23
Anonymous

It's a heap overflow, it can't be easily exploited without brute forcing the correct offsets to gain access.

Why don't you think there have been worms for other vulnerabilities recently (that are also heap corruption bugs) - WebDAV? IIS HTR overflow??
...

[ more ]