Vulnerability Development mailing list archives

Re: Crashing Win9x with smbclient - But NT & W2K?

From: Matthew.King () CWO NET AU (Matthew King)
Date: Mon, 27 Mar 2000 15:24:05 +1000


Hi.

I have tested this exploit on a home workstation running Windows95 and I was
not able to reproduce it.. Is this bug limited to a specific release of
Win95 or is it all of them?

Cya
Matthew

 -----Original Message-----
From:   Bluefish [mailto:11a () GMX NET]
Sent:   Monday, 27 March 2000 3:02 PM
To:     VULN-DEV () SECURITYFOCUS COM
Subject:        Crashing Win9x with smbclient - But NT & W2K?

The exploit of con\con has so far only been adressed to the singleuser
versions of Windows (Win9x), but a quite more interresting topic is
weather the attack can be carried out on NT and Win2k systems.

My idea is that initial testings might incorrectly lead to the assumption
that those systems were invulnerable because NT typically use NTFS and the
bug was related to the VFAT module. Could be interresting to know if
someone with access to different NT/Win2K builds could test if there's any
problem with asking for e.g. d:\con\con if d: is your VFAT partion.

(sorry, don't have NT installed on any of my machines)

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

Current thread:

Re: Crashing Win9x with smbclient - But NT & W2K? Matthew King (Mar 26)
- Re: Crashing Win9x with smbclient - But NT & W2K? Taneli Huuskonen (Mar 27)
- Re: Crashing Win9x with smbclient - But NT & W2K? Bluefish (Mar 28)
- Remembering Passwords in IE Justin Lintz (Mar 28)
  - Re: Remembering Passwords in IE Bluefish (Mar 30)
- <Possible follow-ups>
- Re: Crashing Win9x with smbclient - But NT & W2K? Luke Dudney (Mar 27)