Vuln Dev
Windows Command Processor CMD.EXE Buffer Overflow Oct 19 2006 03:33AM
gregory_panakkal (gregory_panakkal fastmail fm) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 11:51AM
Osvaldo Casagrande (ocasagrande diviserv com) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 21 2006 02:05PM
RockyH (rocky he g-wizinnovations com)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 10:51PM
Marvin Simkin (Marvin Simkin asu edu) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 21 2006 12:22PM
gregory_panakkal (gregory_panakkal fastmail fm) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 23 2006 03:05PM
Marvin Simkin (Marvin Simkin asu edu)
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 22 2006 01:01PM
Dan Yefimov (dan ns15 lightwave net ru) (2 replies)
gregory_panakkal wrote:
> Hi,
>
> I had tested on couple of winxp sp2 fully patched systems, DEP came into
> the picture.
> On Win2k - the cmd.exe immediately terminates; on vista - no issues - it
> throws up a proper error.
>
This is not true. On completely patched Win2K cmd.exe doesn't terminate or crash:

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\>%comspec% /k "dir \\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
The filename or extension is too long.

C:\>

[ reply ]
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 22 2006 10:24PM
Danux (danuxx gmail com)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 22 2006 07:56PM
Luis Alberto Cortes Zavala (napasn securitynation com) (1 replies)
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 23 2006 04:51PM
Dan Yefimov (dan ns15 lightwave net ru)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 10:57PM
Marvin Simkin (Marvin Simkin asu edu)
Re: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 08:58AM
The SNiFF (thesniff gmail com) (1 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow Oct 20 2006 07:33PM
Luis Alberto Cortes Zavala (napasn securitynation com)


 

Privacy Statement
Copyright 2010, SecurityFocus