Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with blah blah blah

[vulndev.schlachter () CORNELL EDU (Jake Schlachter)]

Bob Fiero wrote:
> I attempted to test this on two systems and could not produce any problems
> at all handling the file created with the batch file command supplied. I am
...
> I use Eudora, which you claim will crash if you attach this file to a
> message. Can you send me an example, and I'll let you know what if anything
> happens?

The batch file supplied in the initial post isn't functional unless you
remove the spaces in between parts of the filename.  In my tests, the file
seemed rather inert until double clicked, at which time it crashed
explorer.exe.  None of the test files I used caused a Blue Screen.  Viewing
the directory afterwards (without restart) produced inconsistent results--
but usually it would not crash until the file was clicked.  I also emailed
the file to myself as an attachment, downloaded and stored with Eudora Pro
4.2.0.58, and nothing happened. At all. Even after going back into the dir
in explorer and clicking it.

Ron DuFresne wrote:
> Your having stripped Internet Explorer and/or dropping in Win95
> explore.exe might well be what has caused ths to not function on your end.

My tests were performed under win98 using litestep as the shell, but I've
got the standard win98 explorer.exe.  The long and short of my tests is
that this bug doesn't seem like a threat unless users are actively engaging
the problematic file.

-- jake.schlachter () cornell edu