Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Securax Security Advisory: Windows98 contains a serious buffe r overflow with long filename extensions.

From: Rudy.Schockaert () COMPAQ COM (Schockaert, Rudy)
Date: Wed, 26 Apr 2000 13:12:05 +0100

I've been experimenting a little bit more with this "harmless" file.
Trying to attach it as an email attachment, gives me an error as I mentioned
before. If I keep on trying Outlook 2000 starts behaving very strange: I can
no longer open attachments by double-clicking them in the email.
Right-clicking it enough also destabilises Windows 2000. Could no longer
start certain apps. Rebooting cures all pain.

It's a good thing that there is at least one vendor out there that traps
this kind problem (it is not actually a virus).

-----Original Message-----
From: Blue Boar [mailto:BlueBoar () thievco com]
Sent: woensdag 26 april 2000 6:10
To: Schockaert, Rudy
Cc: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Securax Security Advisory: Windows98 contains a
seriousbufferoverflow with long filenameextensions.

"Schockaert, Rudy" wrote:
<snip>
1_.Buffer_Overflow_AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAA




Now that's interesting... when this file was sent as an attachment, it set
a couple of virus-scanners, because I received some mail from mail
gateways to that effect.  Perhaps the antivirus guys are reading here and
reacting quickly? :)

One was InterScan E-Mail VirusWall, and the other was .. InterScan NT
Alert.
Same product?

Anyway, just curious.  Good for them.  I wonder if it's a general file-too-
long check.

                                        BB
Previous By Date Next
Previous By Thread Next

Current thread: