Full Disclosure mailing list archives
RE: Recycle Bin Unavailability of Service
From: "Bassett, Mark" <mbassett () omaha com>
Date: Mon, 4 Aug 2003 10:38:23 -0500
Um... just try typing it in twice? The first time after the first character it goes back to recycle bin, but the second time it lets you type in whatever you want. I am using XP SP1. Besides.. I don't really see how this is a security issue, and in fact I think its rather silly :-) -----Original Message----- From: Kaveh Mofidi [mailto:admin () securetarget net] Sent: Monday, August 04, 2003 6:26 AM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Recycle Bin Unavailability of Service -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Secure Target Network (Security Advisory August 04, 2003) Topic: Recycle Bin Unavailability of Service Discovery date: July 24, 2003 Affected applications and platforms: Windows XP Service Pack 1 Not affected applications and platforms: Windows 2000 Service Pack 3 (and may others) Introduction: I'm sure this is related to security issues because it gets in touch with availability. So, you may want to explore some places with your "Windows Explorer" or "My Computer" from else where. That's make no sense to you but ever doing exploring from "Recycle Bin" to anywhere else? You can't do this and this is a kind of Unavailability! When you clicked on "Recycle Bin" on any address bar, the word become highlighted and when you trying to type a path, the words and phrases you typed, turn to "Recycle Bin". This way, you cannot change MANUALLY to any desired location from "Recycle Bin". Exploit: There's no exploit for this misbehavior but you would be aware of unavailability this situation brings to your desktop because some day may you have not any mouse. Workaround: This involved with Windows XP GUI behavior and may fix in future but if you want workaround that, just copy and paste you desire path and press "ENTER" as fast as possible. Tested on: Windows XP Service Pack 1 Windows 2000 Service Pack 3 Feedback: Kaveh Mofidi (Admin () SecureTarget Net) Secure Target Network (Security Consulting Group) HTTP://SECURETARGET.NET -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQA/AwUBPy5A2WO1siv41icpEQKRGgCfc40Jat/xExHqDtQCS+gF6blrVYUAnjZh kt2GRpjpZN8rBy0BOU1BMGdg =b9Al -----END PGP SIGNATURE----- ************************************************************ Omaha World-Herald Company computer systems are for business use only. This e-mail was scanned by MailSweeper ************************************************************
Current thread:
- Recycle Bin Unavailability of Service Kaveh Mofidi (Aug 04)
- Re: [fd] Recycle Bin Unavailability of Service Mike Vasquez (Aug 04)
- <Possible follow-ups>
- RE: Recycle Bin Unavailability of Service Bassett, Mark (Aug 04)
- Re: Recycle Bin Unavailability of Service martin scherer (Aug 04)