Full Disclosure mailing list archives
FirstClass 7.1: Bypass File Execution Warning
From: "Richard Maudsley" <r_i_c_h () btopenworld com>
Date: Mon, 02 Feb 2004 07:41:38 +0000
Product: FirstClass Desktop Client 7.1
Developer: OpenText (+SoftArc/+Centrinity)
URL: http://www.opentext.com

Description:
Files with specially crafted names will execute without displaying a warning prompt, bypassing the administrator's file extension download permissions.

Details:
Files on the FirstClass server are managed by their ID; the actual name is only used by the user to identify individual files. This means that two files can have the same filename, no filename at all, or include invalid filename characters that cannot be used on Windows (<>\/?*"). If any invalid characters have been used in a filename and that file is downloaded/executed from the server, the invalid characters are stripped from the local filename. If no filename is provided at all, an integer is used to identify the file locally. If the local file already exists, the new file will include an integer before the period (and file extension).

When a triangular bracket (<) character is placed at the end of the file extension (e.g. test.exe<), the file is no longer an exe according to the server, and upon double-click no warning/execution prompt is given to the user. The file is downloaded (with an integer inserted before the file extension if the file already exists), the triangular bracket is stripped, and the file is executed/loaded using its associated software.

This problem should be easily resolved by stripping the invalid characters and then checking the file extension against the administrator's settings.

Enjoy,
Richard Maudsley
http://www.mindblock.org/
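The fix the advisory proposes comes down to check ordering: the extension must be evaluated on the name the file will actually have on disk, not on the raw server-side name. The following added example (not FirstClass code, and not from the author) models the client's local-name derivation as the post describes it (invalid characters stripped, an integer substituted for an empty name, an integer inserted before the extension on collision) and contrasts an extension check done before that normalisation with one done after. The blocked-extension list and the specific integers chosen are assumptions for illustration.

```python
# Characters Windows forbids in a filename; per the advisory, the client
# strips these when it writes the downloaded file locally.
INVALID_CHARS = '<>\\/?*"'

# Assumed administrator policy (constructed for this example): extensions
# the client should refuse to open without a prompt.
BLOCKED_EXTENSIONS = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif"}


def local_filename(server_name: str, existing: set) -> str:
    """Model how the local filename is derived from the server-side name.

    - invalid characters are removed
    - an empty result is replaced by an integer (the real client's
      numbering scheme is unspecified; "1" is a placeholder)
    - on collision an integer is inserted before the extension
    """
    cleaned = "".join(ch for ch in server_name if ch not in INVALID_CHARS).strip()
    if not cleaned:
        cleaned = "1"
    candidate = cleaned
    n = 1
    while candidate in existing:
        stem, dot, ext = cleaned.rpartition(".")
        candidate = f"{stem}{n}.{ext}" if dot else f"{cleaned}{n}"
        n += 1
    return candidate


def extension_of(name: str) -> str:
    """Lower-cased extension including the dot, or '' if there is none."""
    _, dot, ext = name.rpartition(".")
    return ("." + ext).lower() if dot else ""


def naive_check(server_name: str) -> bool:
    """Vulnerable ordering: policy applied to the raw server-side name.

    'test.exe<' has extension '.exe<', which matches nothing in the policy,
    so the file is allowed even though it lands on disk as 'test.exe'.
    """
    return extension_of(server_name) not in BLOCKED_EXTENSIONS


def hardened_check(server_name: str, existing: set = frozenset()) -> bool:
    """Fixed ordering: normalise to the on-disk name first, then apply policy."""
    return extension_of(local_filename(server_name, set(existing))) not in BLOCKED_EXTENSIONS


if __name__ == "__main__":
    for name in ("report.txt", "test.exe", "test.exe<", "<>?*"):
        print(f"{name!r:12} -> local {local_filename(name, set())!r:12} "
              f"naive={naive_check(name)} hardened={hardened_check(name)}")
```

The naive check and the hardened check differ only in what they inspect: the former trusts a name the server never validates, the latter inspects the name the operating system will actually see. Any other transformation the client applies before opening the file (collision renaming, truncation, case folding) belongs on the same side of the check, which is why the hardened variant takes the set of existing local names into account.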