funsec mailing list archives
Re: Hey old people
From: Drsolly <drsollyp () drsolly com>
Date: Wed, 21 Dec 2005 12:20:42 +0000 (GMT)
On Tue, 20 Dec 2005, Blue Boar wrote:
http://www.osvdb.org/blog/?p=77 Any of you guys remember any really old vulnerabilities?
My favourite is the one whereby an IBM PC tries to boot from a floppy disk by loading and executing the boot sector, even if your normal bootup is from the hard disk. That was introduced with the IBM XT, (1983, I think) and first exploited in 1986. But for a really old vulnerability you want the one whereby is you have an EXE file, and put a COM file in the same directory, then the COM file gets executed in preference to the EXE file when you type the filename without extension. That existed in 1981, although it wasn't realised that it was a vulnerability until the 1990s _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Hey old people Blue Boar (Dec 20)
- Re: Hey old people Drsolly (Dec 21)
- RE: Hey old people Larry Seltzer (Dec 21)
- Re: Hey old people Blue Boar (Dec 21)
- RE: Hey old people Larry Seltzer (Dec 21)
- Re: Hey old people Drsolly (Dec 21)
- RE: Hey old people Larry Seltzer (Dec 21)
- RE: Hey old people Nick FitzGerald (Dec 21)
- RE: Hey old people Drsolly (Dec 21)
- RE: Hey old people Drsolly (Dec 21)
- RE: Hey old people Drsolly (Dec 21)
- RE: Hey old people Drsolly (Dec 21)
- Re: Hey old people Drsolly (Dec 21)