Full Disclosure mailing list archives
question regarding CAN-2004-0930
From: Christian Kujau <evil () g-house de>
Date: Tue, 16 Nov 2004 15:16:44 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi, don't know if this is the right place to ask, but here it goes: i was notified by one of my users (!) about the recent samba vulnerability (CAN-2004-0930 [1]) that this is indeed easily "exploitable" by just issuing commands with long wildcard-patterns in the filename part, just as: <smb-share>:\> dir ******.exe ok, my smbd went crazy and the "dir" command was waiting for the result. but: when i mounted the smb-share under linux (mount -t smbfs ....) and issuing $ ls /mnt/smb-share/*******.exe "ls" returned *instantly* with "No such file or directory" and smbd did not go crazy. now i ask myself: how comes? thank you for comments, Christian. [1] http://samba.iasi.roedu.net/samba/security/CAN-2004-0930.html - -- BOFH excuse #120: we just switched to FDDI. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBmgvL+A7rjkF8z0wRAjCwAJ90xxcrTOj9h0OIT5SQO+C9skSUzgCfYlK4 EqkXTwEDJHaQi6ItZShdYWI= =xvPA -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- question regarding CAN-2004-0930 Christian Kujau (Nov 16)
- Re: question regarding CAN-2004-0930 Paul Schmehl (Nov 16)
- Re: question regarding CAN-2004-0930 Christian (Nov 16)
- Re: question regarding CAN-2004-0930 upb (Nov 16)
- Re: question regarding CAN-2004-0930 Paul Schmehl (Nov 17)
- Re: question regarding CAN-2004-0930 evil (Nov 17)
- Re: question regarding CAN-2004-0930 Christian (Nov 16)
- Re: question regarding CAN-2004-0930 Paul Schmehl (Nov 16)
- <Possible follow-ups>
- question regarding CAN-2004-0930 evilninja (Nov 16)
- RE: question regarding CAN-2004-0930 Castigliola, Angelo (Nov 16)
- Re: question regarding CAN-2004-0930 Rob klein Gunnewiek (Nov 17)
- Re: question regarding CAN-2004-0930 Christian (Nov 17)
- Re: question regarding CAN-2004-0930 Rob klein Gunnewiek (Nov 17)