Bugtraq mailing list archives
Re: Windows MS-DOS Device Name DoS vulnerabilities
From: pgut001 () cs auckland ac nz (Peter Gutmann)
Date: Tue, 10 Jul 2001 16:19:15 (NZST)
Dennis Jenkins <djenkins () usb com> writes:
He will access the device. This is documented in the book "Undocumented Dos" (author, editor, press I don't remember).
My copies claims to be by Schumann et al, published by Addison-Wesley.
In the early days of DOS, there was a reason why this was done. But I don't remember that either.
Speaking of the early days of DOS, this bug has been around for a long, long time. I remember being able to crash BBS's 10 years ago [0] by uploading zip files containing reserved names which would bring down the system when the BBS software scanned the file. I think later versions of Pkzip would try and check for reserved names to try and prevent this. Peter. [0] With the permission of the sysop, done as a demonstration.
Current thread:
- Re: Windows MS-DOS Device Name DoS vulnerabilities, (continued)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Alun Jones (Jul 07)
- Re[2]: Windows MS-DOS Device Name DoS vulnerabilities 3APA3A (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Pavel Kankovsky (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- AW: Windows MS-DOS Device Name DoS vulnerabilities Martin Werner (Jul 16)
- RE: Windows MS-DOS Device Name DoS vulnerabilities David LeBlanc (Jul 16)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Alun Jones (Jul 07)
- Windows MS-DOS Device Name DoS vulnerabilities richardca (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities ByteRage (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Ewen McNeill (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Peter Gutmann (Jul 10)