On 10/23/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > This works on Windows SP2 : The system doesn't reply "The filename or > extension is too long." > but cmd crash.
Is there a reason that a buffer overflow in cmd.exe matters? If the attacker is sending arbitrary input to cmd.exe, haven't they owned the box anyway? Regards, Brian _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
