Re: [Full-Disclosure] EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability

From: bipin gautam (visitbipin_at_yahoo.com)
Date: 10/14/04

  • Next message: Luke Macken: "[Full-Disclosure] [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities"
    To: Derek Soeder <dsoeder@eeye.com>
    Date: Thu, 14 Oct 2004 06:56:42 -0700 (PDT)
    
    

    >---Description---
    >Win xp default zip manager can't handle long file
    names properly...
    >
    >---Bug Demonstration---
    >Create a new file with very long file name... in your
    c: [ say:
    >1.111111111111111111111111111111111111111111111111111111111111111111111111
    >11111111111111111111111111111111111111111111111111111111111111111111111111
    >11111111111111111111111111111111111111111111111111111111111111111111111111
    >11111111111111111111111111111 ]
    >
    >[or, download]
    http://www.geocities.com/visitbipin/zip_long.zip
    >
    >Windows xp will easily allow you to create that file,
    now zip the file [
    >above mentioned ie 1.11111111111111111111* ] using
    winxp default zip
    >manager, [say, the new file created is 1.zip]
    >But strangely, if you open the file [1.zip] with
    windows explorer [ie
    >view it's content] You can neither see a file name
    nor its extension in
    >the archive but simply its icon only!
    >
    >Moreover, windows xp doesn't allow you to delete the
    long file created in
    >the above example, through GUI mode [...have to use
    command prompt] and
    >end up with an error Can't delete 1 : The folder is
    empty. [actually its
    >a file!]

    http://www.securityfocus.com/archive/1/336994

    *appaulse*

    before, microsoft discarded this report as a
    non-security issue. Maybe, my english was too poor at
    that time.

                    
    __________________________________
    Do you Yahoo!?
    Yahoo! Mail Address AutoComplete - You start. We finish.
    http://promotions.yahoo.com/new_mail

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Luke Macken: "[Full-Disclosure] [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities"

    Relevant Pages

    • Re: What do you consider the best recipe software for Windows?
      ... months ago a Windows XP SP3 patch knocked out a string needed for the ... has come up with a patch... ... *Having* to join some yahoo discussion group ... I did pay for my software as I'm sure others did, but lots of people pay for "free" software by making donations to the developers. ...
      (rec.food.cooking)
    • Re: How to uninstall IE6 for XP
      ... I had disabled the Yahoo popup blocker, ... How to Reinstall or Repair Internet Explorer and Outlook Express in Windows ... you cannot 'uninstall' IE if you have Windows XP. ... >> something like Yahoo Companion, Google toolbar, MSN toolbar, a>> firewall, ...
      (microsoft.public.windows.inetexplorer.ie6.browser)
    • Re: Microsoft geht es immer schlechter
      ... Was interessiert mich die Bewertung von Managern, ... und 40 Milliarden US$ für die Übernahme von Yahoo fallen auch nicht ... Mit dem aktüllen Windows Vista ...
      (de.comp.advocacy)
    • Re: Error message 0x800CCC0f
      ... So it maybe some issue with that ver of windows. ... I got a hold of a tech from AT&T Yahoo ... patch to fix port 465 I didn't find one. ... Subject 'test', Account: 'pop.mail.yahoo.co.uk', Server: ...
      (microsoft.public.windows.vista.mail)
    • Re: IE problem: Unable to use Google , yahoo and other search bars in IE...
      ... Tell the user he/she should /only/ get his/her updates via Windows ... PA Bear: Thank You for the sites you sent; ... > checking out those hijack type sites ... >> useable except that they cannot click on the search bar on google yahoo ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)