Full Disclosure mailing list archives

Re: Windows Command Processor CMD.EXE BufferOverflow

From: "Peter Ferrie" <pferrie () symantec com>
Date: Mon, 23 Oct 2006 14:58:18 -0700

file://
?


OK, I'll bite.  Why are file:// URLs relevant to the discussion?


It allows arbitrary data to be passed to CMD.EXE, without first owning the system.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Windows Command Processor CMD.EXE Buffer Overflow offset (Oct 23)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Brian Eaton (Oct 23)
  - Re: Windows Command Processor CMD.EXE Buffer Overflow Thierry Zoller (Oct 23)
    - Re: Windows Command Processor CMD.EXE Buffer Overflow Brian Eaton (Oct 23)
    - Re: Windows Command Processor CMD.EXE BufferOverflow Peter Ferrie (Oct 23)
    - Re: Windows Command Processor CMD.EXE BufferOverflow Matthew Flaschen (Oct 23)
    - Re: Windows Command Processor CMD.EXE BufferOverflow Brian Eaton (Oct 23)
    - Re: Windows Command Processor CMD.EXE BufferOverflow Debasis Mohanty (Oct 23)
    - Message not available
    - Fwd: Windows Command Processor CMD.EXE BufferOverflow Mark Senior (Oct 24)
    - Re: Windows Command Processor CMD.EXEBufferOverflow Dave "No, not that one" Korn (Oct 25)
  - Re: Windows Command Processor CMD.EXE Buffer Overflow Nick FitzGerald (Oct 23)