Re: another fatal bug in NT/2000 "Command Prompt" I/O

[Jason Brvenik <jason () brvenik com>]

All,

Isn't this the same as the History/Tab/Tab/Tab issue discussed a while
back.


open a cmd window.
type the following really fast
dir
F9
F9
F9
Tab
Tab
Tab

You should get the same results.
I believe there are some systems that are not vulnerable but can't
recall
the details as to why at the moment. Try searching the vuln-dev
archives.

It would be interesting to see if one can push enough to make it
exploitable
but I am sure somebody is looking at that again right now.

Jason

> -----Original Message-----
> From: zanemcauley () yahoo com [mailto:zanemcauley () yahoo com]
> Sent: Sunday, October 28, 2001 11:31 AM
> To: Robert Freeman; vuln-dev () securityfocus com
> Subject: Re: another fatal bug in NT/2000 "Command Prompt" I/O
>
>
> I tried this on MS Visual Studio v4 and Windows 2000 Advanced
> Server Service
> Pack 2 with some hotfixes for IIS 5.0, Not a peep from my box.
>
> I also did this with Visual Studio v7 beta 2, still not a problem.
>
> ----- Original Message -----
> From: "Robert Freeman" <freem100 () chapman edu>
> To: <vuln-dev () securityfocus com>
> Sent: Saturday, October 28, 2000 7:05 AM
> Subject: Re: another fatal bug in NT/2000 "Command Prompt" I/O
>
>
> > System reset as well using MS compiler and WinXP.
> >
> >
> > ----- Original Message -----
> > From: "Andrew Carmichael" <andrewcar () yahoo com>
> > To: <vuln-dev () securityfocus com>
> > Sent: Saturday, October 27, 2001 1:23 PM
> > Subject: Re: another fatal bug in NT/2000 "Command Prompt" I/O
> >
> >
> > > I compiled the
> > >
> > > printf("\t\b\b ");
> > >
> > > line using the borland conpiler and my system also
> > > died(win2k sp1).  However, my system just reset.
> >
> >
> > ----------------------------------------------------
> > Sign Up for NetZero Platinum Today
> > Only $9.95 per month!
> > http://my.netzero.net/s/signup?r=platinum&refcd=PT97