Bugtraq mailing list archives
Re: Windows MS-DOS Device Name DoS vulnerabilities
From: Dennis Jenkins <djenkins () usb com>
Date: Mon, 09 Jul 2001 09:09:18 -0500
Since DOS devices exist in every directory (as first explained to me in the book 'Undocumented Dos'), we had a trick for testing for the presence of a directory in a batch file. The test went like this: if exist C:\DIRECTORY\MOREDIRS\NUL then ..... Because 'NUL' existed in every directory. Couldn't you just write a function that takes the filename under question and check to see if that file existed in a known directory that should not contain any files (maybe an empty directory created just for this purpose)? -- djenkins () usb com Universal Savings Bank. Security Administrator, Unix Administrator, Alpha Geek The three most dangerous things are a programmer with a soldering iron, a manager who codes, and a user who gets ideas.
Current thread:
- Re: Windows MS-DOS Device Name DoS vulnerabilities, (continued)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Michael Poole (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Alun Jones (Jul 07)
- Re[2]: Windows MS-DOS Device Name DoS vulnerabilities 3APA3A (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Pavel Kankovsky (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- AW: Windows MS-DOS Device Name DoS vulnerabilities Martin Werner (Jul 16)
- RE: Windows MS-DOS Device Name DoS vulnerabilities David LeBlanc (Jul 16)
- Windows MS-DOS Device Name DoS vulnerabilities richardca (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities ByteRage (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Ewen McNeill (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Peter Gutmann (Jul 10)