lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040427000753.87D344624@etrn.gtdinternet.com>
Date: Mon, 26 Apr 2004 20:14:06 -0400
From: "Rodrigo Gutierrez" <rodrigo@...ellicomp.cl>
To: "'Milan 't4c' Berger'" <t4c@...if.de>, <bugtraq@...urityfocus.com>,
   <full-disclosure@...ts.netsys.com>
Subject: RE: Re: Microsoft's Explorer and Internet Explorer long share name buffer overflow.


It could be something in the windows versions?    

I tested this in Spanish Windows 2000 SP4 rel: 5.00.2195   IE6:
6.0.2800.1106 /  All Security Patches / 300 characters share

another test could be to add more characters lets say 500 characters,  if
you still don't 
get explorer/iexplorer to crash maybe we should ask MS if the patches apply
equally to all 
the different international versions of windows.

I will kindly provide the other Full OS Versions on request, and perhaps we
should keep this just to mailing lists. 


Regards

Rodrigo.-


-----Mensaje original-----
De: Milan 't4c' Berger [mailto:t4c@...if.de] 
Enviado el: Lunes, 26 de Abril de 2004 19:01
Para: dan57170@...oo.com
CC: Rodrigo Gutierrez; full-disclosure@...ts.netsys.com;
bugtraq@...urityfocus.com; submissions@...ketstormsecurity.org;
info@...uriteam.com
Asunto: Re: [Full-Disclosure] Re: Microsoft's Explorer and Internet Explorer
long share name buffer overflow.

Hello,

I expierenced the same like Daniel.
Windows 2k all hotfixes and patches installed.
Machine doesn't crash, just gave me the error message "share name not found"

Tested on german Windows 2000 pro SP4/IE6 tested with Windows Explorer.


Regards,
	Milan




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ