Re: Windows MS-DOS Device Name DoS vulnerabilities

From: Dennis Jenkins (djenkinsat_private)
Date: Mon Jul 09 2001 - 07:09:18 PDT

Next message: Elmaizi, Karim: "Cayman-DSL Model 3220-H DOS with nmap"

Previous message: Dennis Jenkins: "Re: Windows MS-DOS Device Name DoS vulnerabilities"
Maybe in reply to: richardcaat_private: "Windows MS-DOS Device Name DoS vulnerabilities"
Next in thread: Peter Gutmann: "Re: Windows MS-DOS Device Name DoS vulnerabilities"
Next in thread: ByteRage: "Re: Windows MS-DOS Device Name DoS vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

       Since DOS devices exist in every directory (as first explained to
me in
the book 'Undocumented Dos'), we had a trick for testing for the
presence of a directory in a batch file.  The test went like this:

if exist C:\DIRECTORY\MOREDIRS\NUL then .....

        Because 'NUL' existed in every directory.  Couldn't you just
write a
function that takes the filename under question and check to see if that
file existed in a known directory that should not contain any files
(maybe an empty directory created just for this purpose)?



-- 
djenkinsat_private                           Universal Savings Bank.
Security Administrator, Unix Administrator, Alpha Geek

The three most dangerous things are a programmer with a soldering
iron, a manager who codes, and a user who gets ideas.

Next message: Elmaizi, Karim: "Cayman-DSL Model 3220-H DOS with nmap"
Previous message: Dennis Jenkins: "Re: Windows MS-DOS Device Name DoS vulnerabilities"
Maybe in reply to: richardcaat_private: "Windows MS-DOS Device Name DoS vulnerabilities"
Next in thread: Peter Gutmann: "Re: Windows MS-DOS Device Name DoS vulnerabilities"
Next in thread: ByteRage: "Re: Windows MS-DOS Device Name DoS vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 09 2001 - 10:53:58 PDT