Bugtraq mailing list archives
Re: Windows MS-DOS Device Name DoS vulnerabilities
From: Dennis Jenkins <djenkins () usb com>
Date: Mon, 09 Jul 2001 09:09:18 -0500
Since DOS devices exist in every directory (as first explained to
me in
the book 'Undocumented Dos'), we had a trick for testing for the
presence of a directory in a batch file. The test went like this:
if exist C:\DIRECTORY\MOREDIRS\NUL then .....
Because 'NUL' existed in every directory. Couldn't you just
write a
function that takes the filename under question and check to see if that
file existed in a known directory that should not contain any files
(maybe an empty directory created just for this purpose)?
--
djenkins () usb com Universal Savings Bank.
Security Administrator, Unix Administrator, Alpha Geek
The three most dangerous things are a programmer with a soldering
iron, a manager who codes, and a user who gets ideas.
Current thread:
- Re: Windows MS-DOS Device Name DoS vulnerabilities, (continued)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Michael Poole (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Alun Jones (Jul 07)
- Re[2]: Windows MS-DOS Device Name DoS vulnerabilities 3APA3A (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Pavel Kankovsky (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- AW: Windows MS-DOS Device Name DoS vulnerabilities Martin Werner (Jul 16)
- RE: Windows MS-DOS Device Name DoS vulnerabilities David LeBlanc (Jul 16)
- Windows MS-DOS Device Name DoS vulnerabilities richardca (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities ByteRage (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Ewen McNeill (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Peter Gutmann (Jul 10)