Vuln Dev
Windows Command Processor CMD.EXE Buffer Overflow Oct 19 2006 03:33AM
gregory_panakkal (gregory_panakkal fastmail fm) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 11:51AM
Osvaldo Casagrande (ocasagrande diviserv com) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 21 2006 02:05PM
RockyH (rocky he g-wizinnovations com)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 10:51PM
Marvin Simkin (Marvin Simkin asu edu) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 21 2006 12:22PM
gregory_panakkal (gregory_panakkal fastmail fm) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 23 2006 03:05PM
Marvin Simkin (Marvin Simkin asu edu)
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 22 2006 01:01PM
Dan Yefimov (dan ns15 lightwave net ru) (2 replies)
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 22 2006 10:24PM
Danux (danuxx gmail com)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 22 2006 07:56PM
Luis Alberto Cortes Zavala (napasn securitynation com) (1 replies)
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 23 2006 04:51PM
Dan Yefimov (dan ns15 lightwave net ru)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 10:57PM
Marvin Simkin (Marvin Simkin asu edu)
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 08:58AM
The SNiFF (thesniff gmail com) (1 replies)
> Copy-paste the following line in cmd.exe and execute it..
> (it is a single command, has been split into multiple lines for
> readability sake).
>
> %COMSPEC% /K "dir
> \\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
>
> (260 characters of 'A's)

Tried it on Win2k3 SP1:
C:\Documents and Settings\Administrator>%COMSPEC% /K
"dir\\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
System replied:
The filename or extension is too long.

[ reply ]
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 07:33PM
Luis Alberto Cortes Zavala (napasn securitynation com)


 

Privacy Statement
Copyright 2010, SecurityFocus