Vulnerability Development mailing list archives
Re: Crashing Win9x
From: as () PSA AT (Alexander Sanda)
Date: Mon, 27 Mar 2000 12:22:07 +0200
At 20:48 20.03.2000 +0000, Alun Jones wrote:
This has been a known awkwardness in Windows (and indeed anything based on the DOS underpinnings) for some time - we've had code that specifically checks for "CON", "PRN" or "AUX" for several years now, although one of our competitors actually makes a selling point of the idea that users can come in and write directly to your printer through their FTP server! Essentially, the word from Microsoft has so far been for apps not to create files called CON, PRN, AUX, COM1-4, LPT1- 3, or CLOCK$ (sorry if I've missed any). There are, however, a few ways and means to create files of such a name, and they've proven traditionally to be a little tricky to remove (of the same order of trickery as creating a file on Unix with a leading '-' character).
If this is really what MS says than it sounds like a very bad joke. Excuse me, but what would customers say when they buy a new car and the sales rep tells them - "ok, fine here it is, but please don't use the 3rd gear, it will blow up your car and eventually kill you". This remembers me to a .sig I have seen somewhere: # If builders built houses the way programmers write programs then the # # first woodpecker to come along would destroy civilization. #
Current thread:
- Re: Crashing Win9x PCbob - Slobodan miskoviC (Mar 15)
- Re: Crashing Win9x Alun Jones (Mar 20)
- Re: Crashing Win9x Michael Marschall (Mar 23)
- Re: Crashing Win9x Alun Jones (Mar 23)
- MS IIS - HTR still a problem? Pete Philips (Mar 23)
- Re: Crashing Win9x Troy Ablan (Mar 23)
- Re: Crashing Win9x Alexander Sanda (Mar 27)
- Re: Crashing Win9x Michael Marschall (Mar 23)
- Re: Crashing Win9x Alun Jones (Mar 20)