| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20041014135642.77834.qmail@web20227.mail.yahoo.com> From: visitbipin at yahoo.com (bipin gautam) Subject: EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability >---Description--- >Win xp default zip manager can't handle long file names properly... > >---Bug Demonstration--- >Create a new file with very long file name... in your c: [ say: >1.111111111111111111111111111111111111111111111111111111111111111111111111 >11111111111111111111111111111111111111111111111111111111111111111111111111 >11111111111111111111111111111111111111111111111111111111111111111111111111 >11111111111111111111111111111 ] > >[or, download] http://www.geocities.com/visitbipin/zip_long.zip > >Windows xp will easily allow you to create that file, now zip the file [ >above mentioned ie 1.11111111111111111111* ] using winxp default zip >manager, [say, the new file created is 1.zip] >But strangely, if you open the file [1.zip] with windows explorer [ie >view it's content] You can neither see a file name nor its extension in >the archive but simply its icon only! > >Moreover, windows xp doesn't allow you to delete the long file created in >the above example, through GUI mode [...have to use command prompt] and >end up with an error Can't delete 1 : The folder is empty. [actually its >a file!] http://www.securityfocus.com/archive/1/336994 *appaulse* before, microsoft discarded this report as a non-security issue. Maybe, my english was too poor at that time. __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
Powered by blists - more mailing lists