lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu Nov 24 12:13:19 2005 From: Vegar.Linge.Haaland at palantir.no (Haaland, Vegar Linge) Subject: Window's O/S Ok, the first one it will open (if you have, let's say: notepad and notepad.exe) is notepad.exe I tried a couple of stuff and here's my notes:) : The folde could be named notepad.exe notepad notepad.cmd or notepad.bat I also successfully got it to start cmd.exe by copying a copy of cmd to the desktop folder, and rename it to notepad.exe :) I'll bet there's tons of stuff we could make this bug do :D (Worked on Windows XP sp2) (btw, sorry about my English.. :S) -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of indianz@...ianz.ch Sent: 24. november 2005 12:44 To: pagvac Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Window's O/S Importance: High Hi there same effect under german windows xp sp2... i'm not really a windows guru, but i think, this has to do with some pre-defined windows and internet explorer search-paths. when you enter an url in internet explorer, and have a cd-rom in the drive, it will move the cd-rom (searching for something?). weird! GreetZ from IndianZ > OK, so here is where creativity kicks in. > > Anyone has any interesting ideas for exploiting this bug as an attack > vector? > > On 11/24/05, Sibillano Fabio <Fabio.Sibillano@...ileasing.it> wrote: >> >> > Confirmed on Windows XP SP2 (English Version). >> >> Italian version too... >> >> weird! >> >> >> >> >> The information contained in this e-mail may be privileged, >> confidential, and protected from disclosure. If you are not the >> intended recipient, you are hereby notified that any dissemination, >> distribution or duplication of this communication is strictly >> prohibited. If you have received this communication in error, please >> notify the sender immediately and delete all copies . >> >> >> > > > -- > pagvac (Adrian Pastor) > www.ikwt.com - In Knowledge We Trust > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > GreetZ from IndianZ mailto:indianz@...ianz.ch http://www.indianz.ch _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists