Vulnerability Development mailing list archives
Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions.
From: bfiero () MENTALFLOSS NET (Bob Fiero)
Date: Sat, 22 Apr 2000 09:45:00 -0400
At 09:12 PM 4/21/2000 -0500, you wrote:
Your having stripped Internet Explorer and/or dropping in Win95 explore.exe might well be what has caused ths to not function on your end.
Zoa_Chien sent me an example for exploiting this with Eudora, it was very effective in making my e-mail unaccessible. He also was kind enough to mention in the e-mail how to make Eudora usable again, but if it wasn't for me poking around files within Eudora with Edit, I never would have found it. :)
Course, my interest is in what you did to strip out Internet Explorer, it was my understanding that doing so broked much of the OS....
Contrary to popular belief, Windows 98 without IE fixes much of the OS. Most noted is the unending slew of bugs and vulnerabilities that IE and Outlook bring to the OS. I most enjoy the large performance increase. I use a utility called 98Lite that can be found at http://www.98lite.net and have systems that outperform and are more secure than any Win98 systems setup as Microsoft would have you believe they need to be. I never have allowed IE to ever touch my hard disks, and would still be using Win95 (and Netware/Linux for my servers) if it wasn't for this great utility. This configuration alone, in my opinion, is more than enough proof to me that MS is guilty of harming consumers for the sole purpose of business gain. Each and every person who has tried this configuration has come to realize the harm integrating IE has done to consumers, and would never consider allowing IE to "muck up" his or her system again.
Current thread:
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Bob Fiero (Apr 22)
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Ron DuFresne (Apr 22)
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Su Wadlow (Apr 22)
- buffer overflow??? Cyber_Bob (Apr 23)
- Re: buffer overflow??? Przemyslaw Frasunek (Apr 23)
- Re: buffer overflow??? Sebastian (Apr 23)
- Re: buffer overflow??? Markus Kern (Apr 23)
- exploit for W98 long filenameextensions buffer overflow. Laurent Eschenauer (Apr 23)
- Re: buffer overflow??? Blue Boar (Apr 23)
- Re: Securax Security Advisory: Windows98 contains a seriousbuffer overflow with long filenameextensions. Markus Kern (Apr 23)
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Su Wadlow (Apr 22)
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Ron DuFresne (Apr 22)
- <Possible follow-ups>
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Thomas Dullien (Apr 23)