Bugtraq mailing list archives
Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities)
From: George Staikos <staikos () 0wned org>
Date: Fri, 20 Jul 2001 09:35:26 -0400
On Wednesday 18 July 2001 15:30, Richard Kettlewell wrote:
A better answer might be to stat the file, and reject it if it not a regular file. Another approach would be to forbid inlining "file:" URLs from external pages, as described at http://bugzilla.mozilla.org/show_bug.cgi?id=91316
Exactly this has been done in Konqueror CVS and will be in the upcoming 2.2 release. It wouldn't allow opening of these in the URL bar but it would open them as <IMG SRC="">. -- George Staikos
Current thread:
- Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Ishikawa (Jul 18)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Robin Houston (Jul 18)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) David F. Skoll (Jul 18)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) aland (Jul 18)
- Internet Explorer file:// URL issues Chad Loder (Jul 19)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Glynn Clements (Jul 19)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Jeffrey W. Baker (Jul 18)
- Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Richard Kettlewell (Jul 19)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) George Staikos (Jul 20)
- <Possible follow-ups>
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) der Mouse (Jul 19)