Bugtraq mailing list archives

Re: con\con is a old thing (anyway is cool)

From: bernd.luevelsmeyer () HEITEC NET (Bernd Luevelsmeyer)
Date: Fri, 17 Mar 2000 13:45:31 +0100


Oliver Friedrichs wrote:
[...]

For example, you can create known devices with random extensions over
a file share, com1.1 com1.2 com1.3 com1.4, and you cannot remove them
locally.  It's probably a good thing that the CIFS layer doesn't
provide direct access to these devices, otherwise an anonymous share
could open up a number of other security issues.


The file can be removed if you write the filename in a way that parsing
doesn't recognize it as "special". Use a prefix of "\\.\" for example.

E:\temp>dir *nul*
File Not Found

E:\temp>echo test > nul:#

E:\temp>dir *nul*
00-03-17  13:29                      0 nul

E:\temp>del nul
The system cannot find the path specified.

E:\temp> del nul:
The system cannot find the path specified.

E:\temp>del \\.\e:\temp\nul

E:\temp>dir *nul*
File Not Found

Current thread:

con\con is a old thing (anyway is cool) Ussr Labs (Mar 06)
- Re: con\con is a old thing (anyway is cool) Stephen White (Mar 08)
- Realplayer update pedward () WEBCOM COM (Mar 09)
- Re: con\con is a old thing (anyway is cool) Elias Levy (Mar 11)
  - Re: con\con is a old thing (anyway is cool) YUFU (Mar 11)
- <Possible follow-ups>
- Re: con\con is a old thing (anyway is cool) Oliver Friedrichs (Mar 15)
  - Re: con\con is a old thing (anyway is cool) Bernd Luevelsmeyer (Mar 17)
  - Re: con\con is a old thing (anyway is cool) David LeBlanc (Mar 17)
  - Verified PIX vulnerability to FTP-Pasv attack. monti (Mar 19)