Firewall Wizards mailing list archives

Buffer overflow in 95 and 98

From: "Eric Toll" <etoll () syracusesupply com>
Date: Mon, 15 Nov 1999 09:44:34 -0500

Is this an issue if boxes are behind firewall?



There is a buffer overflow in the Windows 95 and Windows 98
networking software that processes file name strings. If the
networking software were provided with a very long random string
as input, it could crash the machine. If provided with a
specially-malformed argument, it could be used to run arbitrary
code on the machine via a classic buffer overrun attack.

The vulnerability could be exploited remotely in cases where a
file:// URL or a Universal Naming Convention (UNC) string on a
remote web site included a long file name or where a long file
name was included in an e-mail message.

Affected Software Versions
==========================
The buffer overrun is present in the networking software in all
versions of Windows 95 and Windows 98.

Patch Availability
==================
 - Windows 95:
   http://download.microsoft.com/download/win95/update/245729/ 
   w95/en-us/245729us5.exe
 - Windows 98:
   http://download.microsoft.com/download/win98/update/245729/ 
   w98/en-us/245729us8.exe

Current thread:

Buffer overflow in 95 and 98 Eric Toll (Nov 15)
- Re: Buffer overflow in 95 and 98 Michael H. Warfield (Nov 16)
- Re: Buffer overflow in 95 and 98 Joseph S D Yao (Nov 17)