Vulnerability Development mailing list archives
Re: Windows Command Processor CMD.EXE Buffer Overflow
From: Dan Yefimov <dan () ns15 lightwave net ru>
Date: Sun, 22 Oct 2006 17:01:19 +0400
gregory_panakkal wrote:
Hi, I had tested on couple of winxp sp2 fully patched systems, DEP came into the picture. On Win2k - the cmd.exe immediately terminates; on vista - no issues - it throws up a proper error.
This is not true. On completely patched Win2K cmd.exe doesn't terminate or crash: Microsoft Windows 2000 [Version 5.00.2195] (C) Copyright 1985-2000 Microsoft Corp. C:\>%comspec% /k "dir \\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA The filename or extension is too long. C:\>
Current thread:
- Windows Command Processor CMD.EXE Buffer Overflow gregory_panakkal (Oct 19)
- Re: Windows Command Processor CMD.EXE Buffer Overflow The SNiFF (Oct 20)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Luis Alberto Cortes Zavala (Oct 21)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Osvaldo Casagrande (Oct 20)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Marvin Simkin (Oct 21)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Marvin Simkin (Oct 21)
- RE: Windows Command Processor CMD.EXE Buffer Overflow gregory_panakkal (Oct 21)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Dan Yefimov (Oct 22)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Luis Alberto Cortes Zavala (Oct 22)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Dan Yefimov (Oct 23)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Danux (Oct 23)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Marvin Simkin (Oct 21)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Marvin Simkin (Oct 23)
- Re: Windows Command Processor CMD.EXE Buffer Overflow The SNiFF (Oct 20)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Bernardo Wernesback (Oct 23)
- <Possible follow-ups>
- Re: Re: Windows Command Processor CMD.EXE Buffer Overflow mr . dan . friedman (Oct 24)