Back to list
Re: Windows Command Processor CMD.EXE Buffer Overflow
Oct 23 2006 04:35PM
Bernardo Wernesback (bernardosw gmail com)
Reproduced the problem on Windows XP SP2 + All Patches English Version.
EventType : BEX P1 : cmd.exe P2 : 5.1.2600.2180 P3 : 41107ebe
P4 : unknown P5 : 0.0.0.0 P6 : 00000000 P7 : 00410041
P8 : c0000005 P9 : 00000008
DEP went into action and generated a dump to be sent to Microsoft for cmd.exe.
On 10/19/06, gregory_panakkal <gregory_panakkal (at) fastmail (dot) fm [email concealed]> wrote:
> Windows Command Processor CMD.EXE Buffer Overflow
> Tested on WinXP SP2
> Impact - Very Low
> Copy-paste the following line in cmd.exe and execute it..
> (it is a single command, has been split into multiple lines for
> readability sake).
> %COMSPEC% /K "dir
> (260 characters of 'A's)
> DEP Comes into the picture.
> URL :
> Gregory Panakkal
> gregory_panakkal (at) fastmail (dot) fm [email concealed]
> http://www.fastmail.fm - I mean, what is it about a decent email service?
[ reply ]
Copyright 2010, SecurityFocus