Bugtraq mailing list archives
OFFICIAL RELEASE of the [device]\[device] advisory
From: zoa_chien () INAME COM (Zoa_Chien)
Date: Mon, 6 Mar 2000 11:13:23 +0100
This is the OFFICIAL RELEASE (ignore all incomplete pre-releases) of the exploit by the securax security team. ---------------------------------------------------------------------------- --------------------- Description: securax security advisory 01: Local and REMOTE! users can crash Windows '95/'98 systems using special crafted path-strings that refer to device drivers being used. Upon parsing this path the Ms Windows OS will crash leaving no other option but to reboot the machine. With this all other running applications on the machine will stop responding...local use : with any application that allows saving or opening of a file | remote use : with all HTTPd/FTPd/Email/Usenet (and possibly napster/samba /icq /...). This bug could also be used in macro viruses. This advisory contains a simple workaround. ---------------------------------------------------------------------------- --------------------- www.securax.org <HR NOSHADE> <UL> <LI>text/plain attachment: scx-sa-01.txt </UL>
Current thread:
- Minor security problem in The Bat! 3APA3A (Mar 02)
- Re: Minor security problem in The Bat! Andrei Koulik (Mar 05)
- OFFICIAL RELEASE of the [device]\[device] advisory Zoa_Chien (Mar 06)