| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <130001c39efc$94ab0910$c864a8c0@Maxime> From: maxime at pandore-design.com (Maxime Ducharme) Subject: Shortcut...... may cause 100% cpu use!!! From: "Bipin Gautam" <door_hUNT3R@...ckcodemail.com> To: <full-disclosure@...ts.netsys.com> Sent: Thursday, October 30, 2003 9:02 AM Subject: [Full-Disclosure] Shortcut...... may cause 100% cpu use!!! > > --[Effected]-- > The exploit has been tested in WINDOWS xp wow a new exploit ! > > --[Description]-- > Running a specially crafted "shortcut" that points to itself! IF executed through 'Windows Explorer' or IE may cauze 100% cpu use... THAT CAN LEAD TODoS in the victim. ohhh wait, this a DoS too ! > > > > --[Simple! proof of concept]-- > http://www.geocities.com/visitbipin/shortcut.zip > > [Note: You *may* have to RUN the 'shortcut' few* time's to have a effective 100% CPU use...] > > > EXTRACT this file and copy it to c:\ [root] and double click IT... or open it through IE after copying it in c:\ > > > > > PS: Anyone willing to craft* it for IIS (O; I found how, send the file to the sysadmin and tell his this is a patch ! > > --[credit]-- > Bipin Gautam (hUNT3R) congrats to our security specialist bipin > > _____________________________________________________________ > Secure mail ---> http://www.blackcode.com > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > >
Powered by blists - more mailing lists