Full Disclosure mailing list archives
another filename bypass vulnerability - from cmd.exe
From: "Aditya Deshmukh" <aditya.deshmukh () online gateway strangled net>
Date: Wed, 16 Nov 2005 17:48:34 +0530
Was doing some testing

[xfocus-AD-051115] Ie Multiple antivirus failed to scan malicous filename bypass vulnerability

The system is Windows 2000 SP4 SRP5 with all other patches up to date.

At the command prompt cmd.exe execute the following with the results. I copy and paste from cmd.exe

-------------------------------------------------------------------
E:\TEMP>cd test

E:\TEMP\test>copy %windir%\system32\calc.exe
1 file(s) copied.

E:\TEMP\test>ren calc.exe calc.exe.zip

E:\TEMP\test>dir /b
calc.exe.zip

E:\TEMP\test>calc.exe.zip

E:\TEMP\test>
-------------------------------------------------------------------

This brings up the calc.exe on the screen.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- another filename bypass vulnerability - from cmd.exe Aditya Deshmukh (Nov 16)
- Re: another filename bypass vulnerability - from cmd.exe 6ackpace (Nov 16)
- Re: another filename bypass vulnerability - from cmd.exe Hernán M . Racciatti (Nov 17)