Bugtraq mailing list archives
Re: con\con is a old thing (anyway is cool)
From: bernd.luevelsmeyer () HEITEC NET (Bernd Luevelsmeyer)
Date: Fri, 17 Mar 2000 13:45:31 +0100
Oliver Friedrichs wrote: [...]
For example, you can create known devices with random extensions over a file share, com1.1 com1.2 com1.3 com1.4, and you cannot remove them locally. It's probably a good thing that the CIFS layer doesn't provide direct access to these devices, otherwise an anonymous share could open up a number of other security issues.
The file can be removed if you write the filename in a way that parsing doesn't recognize it as "special". Use a prefix of "\\.\" for example. E:\temp>dir *nul* File Not Found E:\temp>echo test > nul:# E:\temp>dir *nul* 00-03-17 13:29 0 nul E:\temp>del nul The system cannot find the path specified. E:\temp> del nul: The system cannot find the path specified. E:\temp>del \\.\e:\temp\nul E:\temp>dir *nul* File Not Found
Current thread:
- con\con is a old thing (anyway is cool) Ussr Labs (Mar 06)
- Re: con\con is a old thing (anyway is cool) Stephen White (Mar 08)
- Realplayer update pedward () WEBCOM COM (Mar 09)
- Re: con\con is a old thing (anyway is cool) Elias Levy (Mar 11)
- Re: con\con is a old thing (anyway is cool) YUFU (Mar 11)
- <Possible follow-ups>
- Re: con\con is a old thing (anyway is cool) Oliver Friedrichs (Mar 15)
- Re: con\con is a old thing (anyway is cool) Bernd Luevelsmeyer (Mar 17)
- Re: con\con is a old thing (anyway is cool) David LeBlanc (Mar 17)
- Verified PIX vulnerability to FTP-Pasv attack. monti (Mar 19)