Re: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow.
From: KF (lists) (kf_lists_at_secnetops.com)
To: email@example.com Date: Thu, 29 Apr 2004 18:06:12 -0400
smbd aparantly likes them to be a 256 chars or less aparantly. =]
Apr 27 18:26:39 CloneRiot smbd: ERROR: string overflow by 1 (256
- 255) in safe_strcpy [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]
Lan Guy wrote:
> Even people like Christopher Hertel
> don't know the maximum limit of a share name.
> I always thought that the protocol could not have more than 127
> charaters in a single share name length.
> In any case Explorer should not crash.
> Lan Guy
> ----- Original Message ----- From: "KF (lists)" <firstname.lastname@example.org>
> To: <email@example.com>
> Cc: <firstname.lastname@example.org>
> Sent: Thursday, April 29, 2004 2:55 AM
> Subject: Re: [Full-Disclosure] Microsoft's Explorer and Internet
> Explorer long share name buffer overflow.
>> I would say they lied myself... I have all patches from Windows
>> update installed including all the optional ones... still crashes for
>> me and still tears up the EIP and EBP. My IE advertises itself as:
>> 6.0.2800.1106 SP1; Q837009;Q8832894:Q831167 , The OS is Win2k Server
>> 5.00.2195 SP4.
>> Thus far I have been unable to locate a good unicode return
>> address... but thats not to say there is not one there. =] . For
>> those of you wondering smb.conf DOES allow for characters like \x90
>> and other things of that nature.
>> Paul Szabo wrote:
>>> Anyway, http://support.microsoft.com/?kbid=322857 lies when it says
>>> this is
>>> fixed in W2kSP4; or maybe that KB article refers to a different
>>> problem: it
>>> say the error should be "Access Violation", I got "Program Error".
>>> Paul Szabo - email@example.com
>>> School of Mathematics and Statistics University of Sydney 2006
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.netsys.com/full-disclosure-charter.html
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure - We believe in it.