Amen, brotha :) MS needs to get a grip on the security situation, because there are more and more people that are able to obtain vuln information, through lists such as this one and web sites and newsgroups ... the list goes on. Simply ignoring problems will not fix anything. What will it take for MS to get the picture?
My two cents -- Justin ----- Original Message ----- From: "Geoincidents" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, July 02, 2003 7:23 PM Subject: Re: [Full-Disclosure] Microsoft Cries Wolf ( again ) > About a year ago, I tripped over this issue. (I have since found out it > is a known bug - see http://www.sitepoint.com/print/1029). In an effort > to help MS, I spent hours of company time registering to various bug > reporting services on MS sites - and never found one that would accept > my bug report because IE is not a paid product. Not that I wanted any > support - I only wanted to help them out. How many semi serious issues exist where people just never bother to disclose them to the public and where the vendor decides to ignore the notification? Any NTFS volume, doesn't matter if it's NT4, W2K, or XP is susceptable to being wasted by a virus that does nothing but create files. How you ask? Simple create a bunch of 500 byte files until you fill the partition, now delete them, ok now try to use the partition to store normal sized files, you can't use but 20% of it because 80% of it is now MFT. NTFS has a problem in that it never shrinks the MFT, when you create small files NTFS stores the whole file in the MFT instead of storing a data segment, by filling the disk with tiny files you expand the MFT and the only way to reduce it once it's expanded is to reformat the partition. Do you think a virus that had this simple capability could do some damage? Imagine a desktop getting the virus and having it create the files on a server share. I told MS about this back on 0ct 10 2002 and even sent them exploit code, never even got a response, not even a "sorry we don't consider it a threat" note. I've talked to others and their only possible point was if you can create and delete files then you could just delete the disk, my counter point was any user who has access to store files on a server could exploit this but those same users could not delete the server partition or damage the server disk in any other way except for their files. There is a way to protect servers from this, use quotas. But what I wonder is how many other issues like this never see the light of day because the vendor ignores it and nobody takes it public? Geo. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
