Thursday, February 28, 2002, 1:31:47 PM, escribistes: Hola mopli,
As� a lo cortito, decir que si te envian un mail en el que vaya un adjunto con el mismo nombre de un dispositivos (con, lpt1, com1, ....) si tienes activada la opci�n del The Bat! de guardar los adjuntos aparte del mensaje cuando se baje el correo con ese adjunto The Bat! se queda flipao. > Que tal un resumen en espa�ol, por favor? > Thursday, February 28, 2002, 11:06:39 AM, you wrote: MB>> Bueno he visto esto y sin p�nico ninguno lo pongo aqu� para que los MB>> m�ximos interesados tengamos la info m�s directa antes de que los MB>> rumores nos lleguen exagerados: >>>Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm >>>List-Id: <bugtraq.list-id.securityfocus.com> >>>List-Post: <mailto:[EMAIL PROTECTED]> >>>List-Help: <mailto:[EMAIL PROTECTED]> >>>List-Unsubscribe: <mailto:[EMAIL PROTECTED]> >>>List-Subscribe: <mailto:[EMAIL PROTECTED]> >>>Delivered-To: mailing list [EMAIL PROTECTED] >>>Delivered-To: moderator for [EMAIL PROTECTED] >>>Date: Wed, 27 Feb 2002 17:01:39 +0300 >>>From: 3APA3A <[EMAIL PROTECTED]> >>>X-Mailer: The Bat! (v1.54 Beta/39) >>>Reply-To: 3APA3A <[EMAIL PROTECTED]> >>>Organization: http://www.security.nnov.ru >>>To: [EMAIL PROTECTED], [EMAIL PROTECTED] >>>Subject: SECURITY.NNOV: Special device access in The Bat! >>>X-Loop-Detect: 1 >>> >>>Dear bugtraq, >>> >>>Topic: Special device access in The Bat! >>>Author: 3APA3A <[EMAIL PROTECTED]> >>>Date: February, 25 2002 >>>Software: The Bat! 1.53d, 1.54beta >>>Vendor: Ritlabs (http://www.thebat.net) >>>Risk: Low to average >>>Remote: Yes >>>Exploitable: Yes >>>Vendor Status: Notified, not verified >>> >>> >>>Details: >>> >>>The Bat! has special device access bug. If The Bat! is configured to >>>save attachment apart from message bodies and file has a name of special >>>device The Bat! will attempt to open special device. This kind of bug >>>was described in [1]. This bug was probably reintroduced in one of >>>latest version, because our previous test with this product 6 months ago >>>failed. >>> >>>It's not clear at that moment if it's possible to write special device >>>(for example to send attached file to printer or COM port), but this bug >>>definitely can be used as a DoS attack against The Bat!. After this >>>message The Bat! stops receiving of any messages (sometimes absolutely >>>silent, sometimes warning displayed that file can't be open). >>> >>>Workaround: >>> >>>Disable "Keep attachment files separately" option or use >>>Account/Dispatch Mail On Server option to delete problematic message >>>from server. >>> >>>Vendor: >>> >>>Vendor was contacted twice on February, 19. No replies received. >>> >>> >>>Exploitation: >>> >>>bash-2.03$ sendmail -U [EMAIL PROTECTED] >>>From: test >>>To: test >>>Content-Type: apllication/exe; name=lpt1 >>> >>>Test >>>. >>> >>>References: >>> >>>[1] SECURITY.NNOV: Multiple archivers special DOS/Windows >>> devices access >>> http://www.security.nnov.ru/advisories/archdos.asp >>> >>> >>>-- >>>http://www.security.nnov.ru >>> /\_/\ >>> { , . } |\ >>>+--oQQo->{ ^ }<-----+ \ >>>| ZARAZA U 3APA3A } >>>+-------------o66o--+ / >>> |/ >>>You know my name - look up my number (The Beatles) MB>> -- MB>> Usando The Bat! v1.53d MB>> en Windows NT 5.0 Build 2195 MB>> mailto:[EMAIL PROTECTED]?Subject=SendMyPGPkeys MB>> -- MB>> _____________________________________________________________ MB>> Archivos : <http://thebat.berian.com/archivos/> MB>> Moderadores : <mailto:[EMAIL PROTECTED]> MB>> Cancelar Suscripcion: <mailto:[EMAIL PROTECTED]> MB>> Direccion suscrita : [EMAIL PROTECTED] ----------------------- ........................ /\ / / \ / \ / / \/ e t \/ i c i o u s ........................ [EMAIL PROTECTED] -- _____________________________________________________________ Archivos : <http://thebat.berian.com/archivos/> Moderadores : <mailto:[EMAIL PROTECTED]> Cancelar Suscripcion: <mailto:[EMAIL PROTECTED]> Direccion suscrita : [email protected]
