I got a "Data Execution Prevention" popup message from Windows using the %COMSPEC% string below as well as just the dir\\?\ string as well.
On 10/23/06 12:31 PM, "C. Hamby" <[EMAIL PROTECTED]> wrote: > This looks more like the command processor itself is reporting an error > because of length. The %COMSPEC% variable is kind of an odd thing to > use if the shell is already open (you usually see that in VBS to call > the current command shell followed by the /K to keep it open). Then > again I could be totally wrong....it does happen from time to time :-) > > I agree with Tillman, this doesn't look like a security issue. > > -cdh > > > Tillmann Werner wrote: >> Luis, >> >>> Tried it on Win2k3 SP1: >>> C:\Documents and Settings\Administrator>%COMSPEC% /K >>> "dir\\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA >>> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA >>> A AAAA >>> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA >>> A AAAA >>> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" >>> System replied: >>> The filename or extension is too long. >>> >>> >>> YEah! Buffer Overflow Windows XP SP2 >>> >>> I Hill debug this. >> >> What makes you think there is a buffer overflow? I'd say the 'dir' command >> reports an error for parameters beyond 256 chars. Just plain error handling, >> not a security issue, or am I missing something? >> >> Tillmann >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ================================================== David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ Shadowserver Foundation Member http://www.shadowserver.org ================================================== _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
