Windows NT 4.0 / 2000 cmd.exe Buffer Overflow Vulnerability

An unchecked buffer exists in the code that handles environment strings within the command interpreter of Windows NT 4.0 and 2000, cmd.exe. If an unusually large environment variable is specified, cmd.exe will fail and the memory used will not be freed. By exploiting this repeatedly, an attacker could use up all free memory and cause a denial of service. This weakness could be exploited remotely via email, or in a situation where a batch file was used as a CGI script, and put user input into an environment variable.


 

Privacy Statement
Copyright 2010, SecurityFocus