Return-Path: owner-bugtraq@SECURITYFOCUS.COM MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="ISO-8859-1" Message-ID: <4036B8ED3AAED3118F9E00A0CC58F9F187CC@MAIL> Date: Wed, 15 Mar 2000 10:29:18 -0800 Reply-To: Oliver Friedrichs Sender: Bugtraq List From: Oliver Friedrichs Subject: Re: con\con is a old thing (anyway is cool) X-To: "bugtraq@securityfocus.com" To: BUGTRAQ@SECURITYFOCUS.COM -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 While we're on the issue of creating known devices under Windows. An issue I remember noting awhile back is that under Windows NT, it's possible to create and remove most of these devices over a file share. They aren't treated as special files. You cannot however create or remove these files locally. I imagine that this is due to the fact that there are descrepencies between file operations processed through the CIFS layer, and operations processed locally. While this probably isn't a serious issue, the main problem is that someone could create a large number of these files (as I recall you could use a large number of variations), and the local user would not be able to remove them, since they can only be removed via a network share. More an annoyance than anything.. For example, you can create known devices with random extensions over a file share, com1.1 com1.2 com1.3 com1.4, and you cannot remove them locally. It's probably a good thing that the CIFS layer doesn't provide direct access to these devices, otherwise an anonymous share could open up a number of other security issues. - - Oliver > -----Original Message----- > From: Elias Levy [mailto:aleph1@SECURITYFOCUS.COM] > Sent: Saturday, March 11, 2000 2:43 PM > To: BUGTRAQ@SECURITYFOCUS.COM > Subject: Re: con\con is a old thing (anyway is cool) > > > Summary of message on the con\con Windows issue. > > Any permutation of certain DOS device names as a filename of the > form "device\device" when opened will crash Windows 95/98. Devices > that seem to trigger the bug include "con", "aux", "nul", and > "clock$". So not > only will "con\con" trigger it, but so will "aux\clock$", > "clock$\con", > etc. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.2 for non-commercial use iQA/AwUBOM/U5cm4FXxxREdXEQITjwCfW2vD6C1O30haifPxKz4VqZh2IXkAnRhQ SJim3ep7YE+6sGZ5DR+iVcRG =6cmK -----END PGP SIGNATURE-----