
Re: Buffer overflow in Explorer.exe

From: Ryan Yagatich <ryany(at)pantek.com>
Date: Thu May 08 2003 - 18:28:21 EDT


Hi,

        I don't quite understand the purpose behind this code. It creates a read only file '/aT4r[at]3WDesign.es Security/desktop.ini' with the contents of

[.ShellClassInfo]
AAAAAAAAAAAA {x2301}

        And then terminates? I don't have a Windows machine available to really explore this any, but what makes that entry in desktop.ini cause this? Furthermore, is this issue only for that particular key or is it generally just key/excessive parameter/missing value size that is affected? And additionally, you mention that explorer will no longer be able to operate when trying to browse the hard disk, but does this mean globally, or when they try to browse the c:/ drive, or just that particular folder?

        Please send me more information about this, (even if it references past posts that I have missed) so that I can better understand the severity of this. Especially since to me, I still see it as someone needing to download and execute untrusted software which causes a system crash, and if that were going to happen there are far worse things that can be done besides creating a small text file.

Thanks,
Ryan Yagatich

,_____________________________________________________,
\ Ryan Yagatich                     support@pantek.com \
/ Pantek Incorporated                  (877) LINUX-FIX /
\ http://www.pantek.com/security        (440) 519-1802 \
/       Are your networks secure? Are you certain?     /
\___E8354282324E636DB5FF7B8A6EDED51FD02C06C68D3DB695___\

On Wed, 7 May 2003, aT4r InsaN3 wrote:

>This bug allows a malicious attacker to execute data with privileges of a
<snip>
>
> strcpy(path,"\\aT4r[at]3WDesign.es Security");

> bof=fopen(path,"w");
<snip>

Received on Fri May 9 12:35:12 2003
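A defender-side check for the file described in the message above, as an added example that is not part of the original post or of the quoted code: it walks a directory tree and reports any desktop.ini whose [.ShellClassInfo] section contains an unusually long line. The function names, the 1024-character threshold and the sample files are assumptions constructed for illustration; the thread does not state what length triggers the crash.

```python
import os
import tempfile

MAX_LINE = 1024  # assumed threshold; the thread gives no exact trigger length


def suspicious_lines(text, max_line=MAX_LINE):
    """Return (line_number, length) for over-long lines inside [.ShellClassInfo]."""
    hits, in_section = [], False
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line.lower() == "[.shellclassinfo]"
            continue
        if in_section and len(line) > max_line:
            hits.append((number, len(line)))
    return hits


def scan_tree(root, max_line=MAX_LINE):
    """Map each flagged desktop.ini under root to its over-long lines (ANSI or UTF-16)."""
    findings = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != "desktop.ini":
                continue
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as handle:
                    data = handle.read()
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            encoding = "utf-16" if data[:2] in (b"\xff\xfe", b"\xfe\xff") else "latin-1"
            text = data.decode(encoding, errors="replace")
            hits = suspicious_lines(text, max_line)
            if hits:
                findings[path] = hits
    return findings


def demo():
    """Scan two constructed desktop.ini files; return {folder_name: hits}."""
    with tempfile.TemporaryDirectory() as root:
        samples = {"normal": "[.ShellClassInfo]\nIconIndex=0\n",
                   "overlong": "[.ShellClassInfo]\n" + "X" * 4000 + "\n"}  # constructed
        for folder, body in samples.items():
            os.makedirs(os.path.join(root, folder))
            with open(os.path.join(root, folder, "desktop.ini"), "w") as handle:
                handle.write(body)
        return {os.path.basename(os.path.dirname(p)): h for p, h in scan_tree(root).items()}
```

Running `scan_tree` over a downloads or shared folder before it is opened in a file browser lists the files worth inspecting by hand.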

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:38 EDT